Question

I am using openid4java library for implementing the 'login with google' functionality in a spring-mvc application.

It works fine on my local tomcat server but on the remote server it has suddenly stopped working. It was working fine before there too.

After doing some logging in catalina.out, I found that the verification of the response fails after Google redirects to the return URL:

VerificationResult verification = openIdService.getConsumerManager().verify(
                      receivingURL.toString(),
                      response, discovered);

Identifier verified = verification.getVerifiedId(); //Null

The value of verified is null on the remote server. On the local server it's a URI.

I am aware that while handling the response, ConsumerManager needs to be the same instance used to place the authentication request.

The rest of the code is implemented as follows

There is an OpenIdController in which OpenIdService is Autowired.

The OpenIdServiceImpl implements OpenIdService and has the getConsumerManager method which returns the consumerManager instance.

In the constructor of the OpenIdServiceImpl, an instance of ConsumerManager is created.

The actions that create the form for submission and handle the response are written in the OpenIdController and access the consumerManager instance using the getConsumerManager method.

Edit:

I tried logging the Discovery information before the form submission and in the callback; here is the output:

Debugging OpenId: Discovered (before) OpenID2
OP-endpoint:https://www.google.com/accounts/o8/ud
ClaimedID:null
Delegate:null
Debugging OpenId: Discovered (after) OpenID2
OP-endpoint:https://www.google.com/accounts/o8/ud
ClaimedID:null
Delegate:nul

Am I doing anything wrong here? But it works on the local server!

Or is it something to do with the tomcat configuration on the remote server?

Any help is appreciated. I can post code if required.

Thanks.


Solution

I could resolve this problem by adding the following lines after creating an instance of ConsumerManager.

consumerManager.setAssociations(new InMemoryConsumerAssociationStore()); 
consumerManager.setNonceVerifier(new InMemoryNonceVerifier(5000)); 
consumerManager.setMinAssocSessEnc(AssociationSessionType.DH_SHA256);

I found it mentioned in one of the comments to the SampleConsumer example here - http://code.google.com/p/openid4java/wiki/SampleConsumer

See response #3 from the bottom.

Haven't yet tried to figure out what it does, but hope it's the right way to solve it :)
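
What the nonce-verifier setting in the answer above governs, as an added example that is not part of the original answer and is not openid4java's own code: a simplified model of a response_nonce check with a maximum-age window and replay detection. Assumptions of this example: the class name NonceWindowDemo, the constructed sample nonce, the 60-second comparison window, and the reading of 5000 as a window in seconds; clock skew on one host is used only as an illustration of how such a check can pass on one server and fail on another, which the post does not confirm as the cause.

```java
import java.time.Duration;
import java.time.Instant;
import java.time.format.DateTimeParseException;
import java.util.HashMap;
import java.util.Map;

// Added illustration: a simplified model, not openid4java's InMemoryNonceVerifier source.
public class NonceWindowDemo {
    enum Result { OK, SEEN, TOO_OLD, INVALID_TIMESTAMP }

    private final Duration maxAge;
    private final Map<String, Instant> seen = new HashMap<>();

    NonceWindowDemo(int maxAgeSeconds) { this.maxAge = Duration.ofSeconds(maxAgeSeconds); }

    // OpenID 2.0 response_nonce: 20-char UTC timestamp (yyyy-MM-ddTHH:mm:ssZ) + unique suffix.
    synchronized Result check(String opEndpoint, String nonce, Instant now) {
        if (nonce == null || nonce.length() < 20) return Result.INVALID_TIMESTAMP;
        Instant issued;
        try {
            issued = Instant.parse(nonce.substring(0, 20));
        } catch (DateTimeParseException e) {
            return Result.INVALID_TIMESTAMP;
        }
        // Skew in either direction counts: a consumer clock that runs fast or slow
        // makes a fresh nonce look stale or issued in the future.
        if (Duration.between(issued, now).abs().compareTo(maxAge) > 0) return Result.TOO_OLD;
        // Forget entries outside the window; they would be rejected as TOO_OLD anyway.
        seen.values().removeIf(t -> Duration.between(t, now).abs().compareTo(maxAge) > 0);
        // Replay check is per OP endpoint, within the window.
        return seen.putIfAbsent(opEndpoint + "#" + nonce, issued) == null ? Result.OK : Result.SEEN;
    }

    public static void main(String[] args) {
        String op = "https://www.google.com/accounts/o8/ud";
        String nonce = "2013-05-01T12:00:00ZaBcD1234";           // constructed sample value
        Instant inSync = Instant.parse("2013-05-01T12:00:02Z");  // consumer clock matches the OP
        Instant skewed = inSync.plusSeconds(300);                // consumer clock 5 minutes fast

        NonceWindowDemo strict = new NonceWindowDemo(60);
        System.out.println("first use, clock in sync:  " + strict.check(op, nonce, inSync));
        System.out.println("same nonce replayed:       " + strict.check(op, nonce, inSync));
        System.out.println("60 s window, skewed clock: " + new NonceWindowDemo(60).check(op, nonce, skewed));
        System.out.println("5000 s window, same skew:  " + new NonceWindowDemo(5000).check(op, nonce, skewed));
    }
}
```

A wider window tolerates more clock skew, but it also lengthens the period during which a captured response stays acceptable unless every seen nonce is remembered for that whole window. Synchronizing the server clock (for example with NTP) addresses skew without widening the window.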

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow