Author: sergey.chernyshev
Description:
I go to http://www.techpresentations.org/Special:OpenIDLogin and use http://yahoo.com/ as my OpenID URL (click on Yahoo! button in provider selector), Yahoo! brings up a dialog to request which identity to use and I pick "https://me.yahoo.com/sergeychernyshev (Last used)" from a drop-down.
This brings me back to my MediaWiki instance and if it is a first time, it asks me to create an account or pick existing one (I pick my existing account).
Then if I go to http://www.techpresentations.org/Special:Preferences I can see that I have new identity in the list of OpenID URLs:
https://me.yahoo.com/sergeychernyshev
Now, when I go to http://www.techpresentations.org/Special:OpenIDConvert (there is a button called "Add a new OpenID") and use http://yahoo.com/ (clicking Yahoo! button again), it brings me exactly the same interface on Yahoo!'s end with exactly the same value in the identity drop-down: "https://me.yahoo.com/sergeychernyshev (Last used)", but when I submit the form, it doesn't recognize me as existing identity and offers to link to MediaWiki account again instead of just telling me that I already have this identity assigned.
When I go to http://www.techpresentations.org/Special:Preferences again to check the list of OpenID URLs assigned to my account, I see that in addition to original https://me.yahoo.com/sergeychernyshev I now also have https://me.yahoo.com/sergeychernyshev#5d2f8 as an identity.
Both of these URLs are consistent, e.g. when I go through Special:OpenIDLogin, I get https://me.yahoo.com/sergeychernyshev and when I get through Special:OpenIDConvert, I get https://me.yahoo.com/sergeychernyshev#5d2f8 regardless if I had this URL already or not (you can test by deleting OpenID URLs from your preferences and checking if it matches).
This is an issue and it's not clear if it is on MediaWiki's side or on Yahoo's side.
P.S. I always get consistent results if I use MyOpenID through delegation from my http://www.sergeychernyshev.com or if I use Google or my account on LiveJournal so it might be related to some features of Yahoo! implementation (either wrong or newer versions or maybe related to some privacy issues based on different contexts - I have no idea and it needs more research).
Version: unspecified
Severity: major