OpenID and Relying Party Discovery
Note via: http://blog.nerdbank.net/2008/06/why-yahoo-says-your-openid-site.html
You must advertise your XRDS document from your Realm URL.
Add the following line inside the HEAD tags of your Realm page:
<meta http-equiv="X-XRDS-Location" content="http://yourdomain.com/hybridauth_path/or_somthing_like_that/?openid_xrds"/>
Note via: http://developer.yahoo.com/openid/faq.html
Yahoo! displays the above warning for Relying Parties which fail to implement Section 13: Discovering OpenID Relying Parties of the OpenID 2.0 Protocol. Implementing Relying Party Discovery enables Yahoo to verify your site's OpenID Realm when servicing Authentication Requests from your site.
hybridauth/index.php is used to Serve the OpenID XRDS document:
This xrds doc can be found at ./hybridauth/Hybrid/resources/openid_xrds.xml
Depending on your settings, {RETURN_TO_URL} can be something like http://yoursite.com/path_to_hybridauth/?hauth.done=OpenID
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)"> <XRD> <Service priority="1"> <Type>http://specs.openid.net/auth/2.0/return_to</Type> <URI>{RETURN_TO_URL}</URI> </Service> </XRD> </xrds:XRDS>
hybridauth/index.php
also used to Advertise XRDS document:
The html content can be found at ./hybridauth/Hybrid/resources/openid_realm.html
Depending on your settings, the url can be something like http://yoursite.com/path_to_hybridauth/?get=openid_xrds
<html> <head> <meta http-equiv="X-XRDS-Location" content="{X_XRDS_LOCATION}" /> </head> <body> </body> </html>
# /hybridauth/index.php also used to serve your policy terms:
The html content can be found at ./hybridauth/Hybrid/resources/openid_policy.html
Depending on your settings, the url can be something like http://yoursite.com/path_to_hybridauth/?get=openid_policy
<html> <head> <title>OpenID Policy</title> </head> <body> <!-- Set here your OpenID Policy, --> </body> </html>