python-openid

2.2.5 verified Mon Apr 27 auth: no python maintenance

Python OpenID library for server and consumer implementations. Current version is 2.2.5, released 2014. In maintenance mode with no active development; last release was over a decade ago.

pip install python-openid

Common errors

error openid.fetchers.HTTPFetchingError: Not Found ↓

cause The OpenID provider's XRDS or Yadis document is missing or unreachable due to incorrect URL or network issues.

fix

Verify the OpenID URL is correct and accessible. Check that the provider's server supports OpenID. Add error handling to catch HTTPFetchingError.

error AttributeError: module 'openid' has no attribute 'consumer' ↓

cause Wrong import: attempting to access consumer directly from top-level openid module instead of subpackage.

fix

Use from openid.consumer.consumer import Consumer.

Warnings

breaking Python 2 only: python-openid 2.x is Python 2 only. No Python 3 official release exists. ↓

fix Use a fork like python3-openid or migrate to python-openid2 (which supports Python 3 though still unmaintained).

deprecated Last release in 2014: The library is effectively dead. No security patches, no modern OpenID Connect support. ↓

fix Consider using a maintained alternative like python3-openid or authlib.

gotcha Dependency on defusedxml not enforced: You must manually install defusedxml for safe XML parsing, otherwise vulnerable to XXE. ↓

fix Install defusedxml: pip install defusedxml

gotcha Fetcher configuration required: You must set a default fetcher (e.g., Urllib2Fetcher) before making requests, or discovery will fail silently. ↓

fix Call openid.fetchers.setDefaultFetcher(Urllib2Fetcher()) early in your app.

Imports

Consumer

wrong

from openid import Consumer

correct

from openid.consumer.consumer import Consumer

Wrong import due to incorrect module path.

store
wrong
```
from openid import store
```
correct
```
from openid.store import memstore, filestore
```
Wrong import; store is a subpackage, not a module directly under openid.

Quickstart

Initialize a Consumer with a memory store and default fetcher to begin the OpenID authentication flow.

from openid.consumer.consumer import Consumer
from openid.store.memstore import MemoryStore
from openid.fetchers import setDefaultFetcher, Urllib2Fetcher

store = MemoryStore()
consumer = Consumer({}, store)
setDefaultFetcher(Urllib2Fetcher())
return_to = 'http://example.com/openid/return'
# Use consumer.begin(openid_url) to initiate authentication
# Then handle the response in your return endpoint.