[OpenID] Yahoo and localhost

Ian Fischer itfische at gmail.com
Wed Jan 30 12:35:55 PST 2008


While I can't speak for what Yahoo is doing, I can offer the following
work-around:

The domain localhacks.com is setup so that all subdomains
(*.localhacks.com) point to 127.0.0.1.  If your server is listening at
localhost, you should be able to just type in foo.localhacks.com for
testing after appropriate editing of your server config to map
foo.localhacks.com.

I use this extensively to allow for easy development of multiple sites
on one computer, but it should be useful here as well.  Hopefully this
gives Yahoo what they're looking for.

-- Ian Fischer

On Jan 30, 2008 12:21 PM, Danny Burkes <dburkes at infoteria.com> wrote:
> Hi everyone-
>
> I'm in the process of developing a new product that will be an RP.  We
> have RP functionality already working using ruby-openid 2.03, and we
> can successfully authenticate against both OpenID 1.0 and 2.0 providers.
>
> Today Yahoo turned on their IdP functionality, so I thought I'd try
> it, and it wouldn't authenticate me when I run our app on my local
> development machine- I just get redirected to a page at Yahoo that
> says "Sorry! Something is not quite right with the request we received
> from the website you are trying to use".
>
> However, if I try to authenticate running our app on a publicly-
> available server (our staging server), it authenticates fine against
> the Yahoo IdP.
>
> The only difference I can see in the two authentication transactions
> is that, when running on my local development machine,
> openid.return_to is like "http://localhost:3000/...", whereas when
> running from the staging machine, it's like "http://
> our.staging.server/...".
>
> Does the Yahoo IdP refuse authentication requests that specify
> localhost in the return_to?  If so, it seems like a big flub, as it
> locks out developers.
>
> Thanks for any enlightenment you can provide.
>
> Best Regards,
>
> Danny Burkes
> http://www.lingr.com/help/about#danny
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>


More information about the general mailing list