[OpenID] Dumb Question: Why isn't http://xri.net/=bobwyman an OpenID?

Dag Arneson dag at janrain.com
Thu Jan 4 22:00:00 UTC 2007


As I mentioned before, xri.net is not spec compliant with OpenID since 
it does not use the header or the meta tag to indicate the location of 
the xrds.  I was curious, so I poked around a little more.

If I try to log in to my blog (which uses the Ruby OpenID lib) with 
http://xri.net/=rorek as my OpenID, I get to 2idi (=rorek's i-broker) 
with the error:  I-Name not found: =http://xri.net/=rorek

It appears that xri.net does support the Accept:application/xrds+xml 
header method of obtaining the xrds, but without the openid:delegate the 
2idi openid server gets confused:

$ curl -v -H Accept:application/xrds+xml http://xri.net/=rorek
* About to connect() to xri.net port 80
*   Trying 209.173.57.174... connected
* Connected to xri.net (209.173.57.174) port 80
 > GET /=rorek HTTP/1.1
 > User-Agent: curl/7.15.5 (i486-pc-linux-gnu) libcurl/7.15.5 
OpenSSL/0.9.8c zlib/1.2.3 libidn/0.6.5
 > Host: xri.net
 > Accept:application/xrds+xml
 >
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Content-Type: application/xrds+xml;trust=none
< Content-Length: 912
< Date: Thu, 04 Jan 2007 21:22:16 GMT
<?xml version="1.0" encoding="UTF-8"?>
<XRDS ref="xri://=rorek" xmlns="xri://$xrds">
  <XRD xmlns="xri://$xrd*($v*2.0)">
   <Query>*rorek</Query>
   <Status code="100"/>
   <Expires>2007-01-04T22:22:16.000Z</Expires>
   <ProviderID>xri://=</ProviderID>
   <LocalID priority="10">!7A49.7EDD.2592.F77B</LocalID>
   <CanonicalID priority="10">=!7A49.7EDD.2592.F77B</CanonicalID>
   <Service priority="10">
    <Type select="true">http://openid.net/signon/1.0</Type>
    <ProviderID/>
    <URI append="qxri" priority="2">http://2idi.com/openid/</URI>
    <URI append="qxri" priority="1">https://2idi.com/openid/</URI>
   </Service>
   <Service priority="10">
    <Type select="true">xri://+i-service*(+contact)*($v*1.0)</Type>
    <Type match="default"/>
    <ProviderID/>
    <Path select="true">(+contact)</Path>
    <Path match="null"/>
    <URI append="qxri" priority="1">http://2idi.com/contact/</URI>
   </Service>
  </XRD>
</XRDS>
* Connection #0 to host xri.net left intact
* Closing connection #0

So there are 2 problems here: xri.net has partially broken discovery, 
and 2idi.com's openid server doesn't support the xri.net urls.

To diagnose the 2idi problem I fired up the LiveHTTPHeaders firefox 
extension (highly recommended for diagnosing openid problems).

Here's the url I'm redirected to on 2idi, slightly reformatted:
  http://2idi.com/openid/?openid.mode=checkid_setup&
openid.return_to=http%3A%2F%2Frorek.org%2Fblog%2Fopenid%2Fcomplete%3Fnonce%3DXG7PHaJu&
openid.trust_root=http%3A%2F%2Frorek.org%2Fblog%2F&
openid.identity=http%3A%2F%2Fxri.net%2F%3Drorek&
openid.assoc_handle=%7BHMAC-SHA1%7D%7B459d757d%7D%7BO02jbg%3D%3D%7D

Which looks fine.  After that the stuff is thrown in the session 
apparently and what happens after that to change http://xri.net/=rorek 
into =http://xri.net/=rorek is not clear.

Dag Arneson

a.k.a.
rorek.org
=rorek
dag.myopenid.com
sanedragon



More information about the general mailing list