Google的OpenID实现.. 400错误请求

时间:2012-06-06 19:12:50

标签: php openid

所以我试图掌握OpenID,我觉得我理解这个理论等等......现在它已经实现了。我有一个非常基本的设置,可以向谷歌提供商地址发送一个卷曲请求。

https://www.google.com/accounts/o8/id

解析返回的XRDS xml文件

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="0">
      <Type>http://specs.openid.net/auth/2.0/server</Type>
      <Type>http://openid.net/srv/ax/1.0</Type>
      <Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type>
      <Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>
      <Type>http://specs.openid.net/extensions/pape/1.0</Type>
      <URI>https://www.google.com/accounts/o8/ud</URI>
    </Service>
  </XRD>
</xrds:XRDS>

从他们的XRDS文档中检索谷歌的实际提供者后,我使用此功能重定向... 

public function RedirectToEndpoint() {
    $params = array();
    $params['openid.mode'] = 'checkid_setup';
    $params['openid.ns'] = 'http://specs.openid.net/auth/2.0';
    $params['openid.claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select';
    $params['openid.identity'] = 'http://specs.openid.net/auth/2.0/identifier_select';
    $params['openid.return_to'] = $this->URLs['return_to'];
    $params['openid.realm'] = $this->URLs['realm'];

    $join = stripos($this->URLs['openid_server'], '?') ? '&' : '?';
    $redirect_to = $this->URLs['openid_server'] . $join . $this->array2url($params);
    if (headers_sent()){ // Use JavaScript to redirect if content has been previously sent (not recommended, but safe)
        echo '<script language="JavaScript" type="text/javascript">window.location=\'';
        echo $redirect_to;
        echo '\';</script>';
    }else{  // Default Header Redirect
        header('Location: ' . $redirect_to);
    }
}

array2url是一个简单的函数,它将assoc数组$ params转换为追加到查询字符串。

生成的网址就是这样...... 

https://www.google.com/accounts/o8/ud?openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.return_to=http://learn.local/openid/return.php&openid.realm=http://learn.local/openid/index.html&

但是,您最终在请求的页面无效。还有一个不错的400 Bad Request ..有什么想法吗?

1 个答案:

答案 0 :(得分:3)

总而言之,我感觉不是更愚蠢!它归结为正确设置我的领域。我有一个领域,导致我的返回地址超出可用的“范围”可以这么说。对于遇到400错误的未来人来说,可能是...... 

$openid->SetReturnAddress(('http://learn.local/openid/return.php')); //.return_to
$openid->SetDomain(('http://learn.local/openid/index.html')); //Realm

配置不佳的领域.. facepalm

现在...... 

$openid->SetDomain(('http://learn.local')); //Realm
相关问题
最新问题