ZF-10232: Zend_OpenId_Provider encrypts password to md5 no matter what

Issue Type:
Improvement
Created:
2010-07-26T16:39:36.000+0000
Last Updated:
2012-11-20T21:37:33.000+0000
Status:
Open
Fix version(s):
    Reporter:
    Nathan Hazout (nasht00)
    Assignee:
    None
    Tags:
    • Zend_OpenId
    Related issues:
    Attachments:

    Description

    I am trying to make my existing website and user base into an OpenId provider. The code for Zend_OpenId_Provider->login() uses md5, however my existing user base does not support MD5. Shouldn't it be a setting or option to use md5, another encryption, or none?

    Comments

    Posted by Nathan Hazout (nasht00) on 2010-07-26T17:26:07.000+0000

    Actually the issue is more complex than I thought.

    The code is if (!$this->_storage->checkUser($id, md5($id.$password)))

    Why $id.$password?