Merge branch 'openid-fix' into 0.9.x

diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index 4ce350f7737a56d0480e6440d4e1f9a6ef0a0148..1b93163e5f5efb307828e5aba64815e79ffa3ff8 100644 (file)
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -182,7 +182,19 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
     $trust_root = common_root_url(true);
     $process_url = common_local_url($returnto);
 
-    if ($auth_request->shouldSendRedirect()) {
+    // Net::OpenID::Server as used on LiveJournal appears to incorrectly
+    // reject POST requests for data submissions that OpenID 1.1 specs
+    // as GET, although 2.0 allows them:
+    // https://rt.cpan.org/Public/Bug/Display.html?id=42202
+    //
+    // Our OpenID libraries would have switched in the redirect automatically
+    // if it were detecting 1.1 compatibility mode, however the server is
+    // advertising itself as 2.0-compatible, so we got switched to the POST.
+    //
+    // Since the GET should always work anyway, we'll just take out the
+    // autosubmitter for now.
+    // 
+    //if ($auth_request->shouldSendRedirect()) {
         $redirect_url = $auth_request->redirectURL($trust_root,
                                                    $process_url,
                                                    $immediate);
@@ -194,6 +206,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
         } else {
             common_redirect($redirect_url, 303);
         }
+    /*
     } else {
         // Generate form markup and render it.
         $form_id = 'openid_message';
@@ -219,6 +232,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
             $action->handle(array('action' => 'autosubmit'));
         }
     }
+    */
 }
 
 # Half-assed attempt at a module-private function