When using this openid_provider with a Drupal client, we've been observing consistent big delays (20 secs) during the association process. It doesn't happen when using other (non Drupal) OpenID providers.

With default settings this can happen once every hour for a random user for each RP/provider (the default timeout for the association is 1 hour). This is at least annoying for users, as they can log into multiple sites through the day using the same OpenID.

When timing the whole association process we've found out there's a 15 secs timeout on the http request, which could be fixed either on the client (patching core's drupal_http_request for setting a smaller timeout) or adding some headers on the server response. This can be different depending on the client site php/http setings, though that 15 secs seems to be default timeout for most systems.

This second option looks like the best and easier one. Also looking at some other Drupal's http responses like xmlrpc_server_output(), it looks like the way to go. I don't know whether this would have any compliance problem with the OpenID specs but this simple patch reduces that association time from more than 20 seconds to 6-7 seconds.

diff -u -r1.3.2.7 openid_provider.inc
--- openid_provider.inc	15 Feb 2010 21:13:15 -0000	1.3.2.7
+++ openid_provider.inc	27 May 2010 10:48:04 -0000
@@ -61,6 +61,9 @@
 
   drupal_set_header('HTTP/1.1 200 OK');
   drupal_set_header("Content-Type: text/plain");
+  drupal_set_header('Content-Length: '. strlen($message));
+  drupal_set_header('Connection: close');
+
   print $message;
 }
CommentFileSizeAuthor
openid_provider-slow_association.patch601 bytesjose reyero

Comments

walkah’s picture

walkah CreditAttribution: walkah commented
Status: Needs review » Fixed

committed, thanks jose!

alex_b’s picture

alex_b CreditAttribution: alex_b commented

w00t!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.