我应该使用哪一个来从Openid auth proccess索引用户."openid_identity"或"openid_claimed_id"?我使用Dope OpenId类并返回的数据是:
[openid_ns] => http://specs.openid.net/auth/2.0
[openid_mode] => id_res
[openid_return_to] => http://localhost/login/authenticate
[openid_claimed_id] => https://me.yahoo.com/a/wK7..MjM-#607
[openid_identity] => https://me.yahoo.com/a/wK7...MjM-
[openid_realm] => http://localhost/
[openid_assoc_handle] =>odm...j24yhwlT...2TOXQ9.sifIz3eLZoU.....jOoGM...9VPcMVavQkVgEQ--
[openid_response_nonce] => 2009-09-19T12:35:08Z95e...WtOYlQ--
[openid_signed] => assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed,ns.pape,pape.auth_level.ns.nist,pape.auth_level.nist,pape.auth_policies
[openid_op_endpoint] => https://open.login.yahooapis.com/openid/op/auth
[openid_ns_pape] => http://specs.openid.net/extensions/pape/1.0
[openid_pape_auth_level_ns_nist] => http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
[openid_pape_auth_level_nist] => 0
[openid_pape_auth_policies] => http://schemas.openid.net/pape/policies/2007/06/none
[openid_sig] => kO7......EitU=
谢谢
将该openid.claimed_id参数用作用户的逻辑主键.将其视为区分大小写,并使用整个值.别不剪掉片段或方案(协议).将"http://"和"https://"协议视为完全不同,即使URL的其余部分相同.简而言之,将其openid.claimed_id视为一个不透明的值,必须完全为新用户存储,并完全匹配返回的用户.
所述的OpenID 2.0规范进一步解释,但简单的答案是上方.
ste*_*anw -2
由于 OpenID 委派,您应始终存储用户提供的 OpenID 规范形式作为输入。
在您的情况下,看起来声明的身份在末尾有一个与 OpenID 进程无关的片段标识符。
| 归档时间: |
|
| 查看次数: |
826 次 |
| 最近记录: |