There is a new bugfix release of the OpenID component available: https://github.com/cakebaker/openid-component/downloads.
This release fixes a bug in the isOpenIDResponse() method. So far this method only recognized OpenID responses from a GET request. But as I had to learn, there are OpenID providers (e.g. Hyves) responding with a POST request… So, if you use the isOpenIDResponse() method, please upgrade to the new version.
However, this bug not only affected the component itself but also the examples and the example application. They contained code that looked like:
if ($this->RequestHandler->isPost()) {
// make OpenID request
} elseif ($this->Openid->isOpenIDResponse()) {
// handle OpenID response
}
This snippet will fail if the response from an OpenID provider is a POST request. Instead it should look like:
if ($this->RequestHandler->isPost() && !$this->Openid->isOpenIDResponse()) {
// make OpenID request
} elseif ($this->Openid->isOpenIDResponse()) {
// handle OpenID response
}
Please fix this in your code if you followed the examples.
Thanks go to Sam Mousa for reporting this issue.
Switch it and it will be DRYer :) Or at least factor out the $this->Openid->isOpenIDResponse() … I know, this is silly :)
[...] This post was mentioned on Twitter by Planet CakePHP, openid_retweeter and openid_retweeter, Individual IT. Individual IT said: RT @planetcakephp: #cakephp Bugfix release v2010-12-08 of the OpenID component http://bit.ly/hBrGRn [...]
@David: Thanks for your comment.
I agree with you, your snippet is DRYer. I considered to write the code in this way at first, but somehow it doesn’t feel right to me to have the response handling before making a request. Maybe a better solution would be to split the code into two methods: