[Code] Dealing with 'Server responds that checkAuth call is not valid' responses..

Silfheed silfheed at gmail.com
Wed Mar 3 00:13:19 UTC 2010 

Hello

I'm trying to implement OpenID for a bunch of various wsgi apps that are
used in house by creating a wrapper that uses repoze.who and the repoze.who
openid plugin.  Everything works fine using the test phpMyID IP server that
I have running on my own machine, but as soon as I point my wsgi client app
at the main IP server, I get a vague, mysterious 'Server responds that
checkAuth call is not valid' response.  The wsgi app that I'm running is on
an internal VPN, but the IP server has access to that VPN as well (otherwise
I wouldn't be getting any response whatsoever from the IP server).  Is there
something special I have to do in discovery or in association handling since
the client is on a private ip (and will be in production)?  Is there anyway
to get more information without getting into the logs on the IP Server (it's
something I can do, but getting access will take a while.. like next week or
so)

Here's the output that openid.consumer gives after contacting the IP server
(which I s/realserver/example.com/g ):

Generated checkid_setup request to https://example.com/server with
assocication {HMAC-SHA1}{4b8d727e}{HbH8Bw==}
10.156.80.74 - - [02/Mar/2010:12:18:04 -0700] "POST /login_handler HTTP/1.1"
302 0 "http://10.156.80.74:5001/login" "Mozilla/5.0 (X11; U; Linux i686;
en-US) AppleWebKit/532.9 (KHTML, like Gecko) Chrome/5.0.307.11 Safari/532.9"
No pre-discovered information supplied.
Performing discovery on https://example.com/me
Received id_res response from https://example.com/server using association
{HMAC-SHA1}{4b8d727e}{HbH8Bw==}
Using OpenID check_authentication
assoc_handle - {HMAC-SHA1}{4b8d727e}{HbH8Bw==}
claimed_id - https://example.com/me
identity - https://example.com/me
mode - id_res
ns - http://specs.openid.net/auth/2.0
op_endpoint - https://example.com/server
response_nonce - 2010-03-02T20:18:07ZfdHDDZ
return_to -
http://10.156.80.74:5001/login_handler?janrain_nonce=2010-03-02T20%3A18%3A05ZcbD9mw
signed -
assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed
Server responds that checkAuth call is not valid



Thanks for any help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-code/attachments/20100302/80cfbc6c/attachment.htm>

More information about the Code mailing list