If you're a regular here, you've probably noticed that OpenID never really worked here, though the form's been here for a while.

I actually succeeded in making a basic implementation in one night a while back (it was actually almost two years ago - here's the news post that I made when I was done). I never really went on to develop it because in about 10 days the login developed a strange error - whenever I tried to log in, it gave me a "bad signature" error.

Today, I finally summoned up the resolve to figure this out. I updated the library, but it still didn't work. Next I tested the login on a local server, and it worked perfectly, so I was at a loss. After wasting about 6 hours re-coding my session management module (which was perfectly functional), and rewriting the OpenID glue code piece by piece, I came across the erroneous code (which was, typically, in the last 20 lines of a 400 line long script).. and it turned out to be

VERY SNEAKY

I forgot to decode the url before passing it to the consumer library in step two of authentication, when the provider sent back the data. As a consequence, I got this bizarre and obscure "bad signature" error. There was really no way for me to know.

Anyway, I've now fixed it up and even added code that lets people register with the form as well as log in. An additional page in the User Control Center is coming soon that will let you attach OpenIDs to your account so you can use it for logging in. But essentially, it's more useful for registering.

The next "version" of shinyshell I'm working on will use both OpenID and Facebook Connect heavily for user authentication, and hopefully I'll be able to phase out the conventional login almost entirely. Also coming soon are other mildly exciting things like gravatar and feeds, as well as better javascripted forms and controls.