[TYPO3-core] State of TYPO3 OpenID
dmitry.dulepov at gmail.com
Tue Jul 9 17:11:50 CEST 2013
Christian Weiske wrote:
> The spec clearly defines the protocol flow as first sending the user to
> the discovered endpoint. Also, it is explicitely stated that the
> identifier given by the end user may be an endpoint URL, and not an
> OpenID itself.
> The current TYPO3 openid code expects it to be a OpenID URL. It
> verifies that a user with the OpenID URL exists in the database before
> even discovering the OpenID endpoint.
Not correct. The endpoint is handled by the library we use in the
extension. It makes all necessary data exchanges, requests, etc. At least
it was so when I initially wrote the extension.
More information about the TYPO3-team-core