Google OpenID: the page you requested is invalid

7
votes

I'm writing a Relying Party, and use the Google provider. Yadis leads me to https://www.google.com/accounts/o8/ud, I create an association, and redirect the user's browser to that URL (HTTP 307), and fill in the following query parameters:

  • openid.ns: http://specs.openid.net/auth/2.0
  • openid.mode: checkid_setup
  • openid.assoc_handle: value_received_from_association,
  • openid.return_to: http://my_host:and_port/?returned=1

AFAICT, I have filled out everything I'm supposed to provide, yet my user's browser gets a page from google which says "The page you requested is invalid". In what way?

2
openidgoogle-openid

2 Answers

4
votes

The error was literally triggered by not including the openid.claimed_id and openid.identity parameters, which must be set to "http://specs.openid.net/auth/2.0/identifier_select". With these set, I get another error, which can be resolved by also filling out openid.realm, with the same value as openid.return_to.

Even though I also implemented RP discovery, Google does not appear to use it.

1
votes

Have you set up RP discovery for your site yet? That's something else you need to do, and Google might be enforcing it now.

http://blog.nerdbank.net/2008/06/why-yahoo-says-your-openid-site.html