来自Google使用OpenID的友好名称？

Question

当我与Google OpenID提供商进行乒乓球比赛时,我无法获得友好的名字/昵称/用户名(无论你想叫什么).

我得到的东西看起来很糟糕,如下所示:

www.google.com/accounts/o8/id?id=AItOawmtAnQvSXGhRTkAHZWyxi4L4EKa7xoTT1dk  

而不是喜欢的东西

JohnDoe

什么是以友好的方式从Google获取用户名称的协议,比如myopenid呢？

**我正在使用DotNetOpenAuth*

Answer 1

你不能.OP发出的标识符严格取决于OP.RP对它没有任何发言权.现在,一些OP支持使用登录提供属性,例如昵称,电子邮件地址等.Google对这些属性的支持非常有限,仅提供电子邮件地址.

Google选择不发布用户可识别的标识符,因为它存在信息泄露风险.雅虎通过为用户提供人性化和非人性化的标识符来实现这两种方式,用户可以在其中进行选择.MyOpenID和其他OP通常仅使用用户友好的标识符,用户在OP注册时选择该标识符.

您可能需要在您的RP上使用特殊情况Google来选择一个更友好的字符串,以便在用户登录时显示给用户,或者由于Google不是唯一一个这样做的人,请编写代码以确定何时标识符是不可读并显示对用户更友好的内容,以便他们知道他们已登录(可能是他们的电子邮件地址或他们在您的网站上挑选的昵称).

警告:如果您选择显示比Google发布的更友好的标识符,您仍必须使用 Google 的官方声明标识符作为您传递给用户的官方用户名以及FormsAuthentication.RedirectFromLogin数据库中的用户名查找.您放在一起的任何其他内容通常会带来安全风险.

Answer 2

基于罗伊回答,我试图使用相同的请求DotNetOpenAuth,它工作正常. 请求:

var req = openid.CreateRequest("https://www.google.com/accounts/o8/id");
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email,true));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.First,true));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Last,true));

req.AddExtension(fetch);

注意:确保AttributeRequest构造函数的第二个parm 设置为true.

响应部分是直截了当的.

var openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
var fetch = response.GetExtension<FetchResponse>();
if (fetch != null) {
IList<string> emailAddresses =fetch.Attributes[WellKnownAttributes.Contact.Email].Values;
IList<string> firstNames = fetch.Attributes[WellKnownAttributes.Name.First].Values;
IList<string> lastName = fetch.Attributes[WellKnownAttributes.Name.Last].Values;
}

Answer 3

截至2012年,Google OpenID端点似乎支持通过Attribute Exchange协议检索名字和姓氏.下面是一些使用Pyramid Web框架和Janrain的python-openid包的示例Python代码.

from openid.consumer import consumer
from openid.extensions.ax import AttrInfo, FetchRequest, FetchResponse
from openid.store.filestore import FileOpenIDStore
from openid.store.sqlstore import PostgreSQLStore, MySQLStore, SQLiteStore

AX_FIRSTNAME = 'http://axschema.org/namePerson/first'
AX_LASTNAME = 'http://axschema.org/namePerson/last'
AX_EMAIL = 'http://axschema.org/contact/email'

@view_config(route_name='openID_start', permission=NO_PERMISSION_REQUIRED)
def start(request):
    'Start openID authentication process'
    params = request.params
    openIDURL = params.get('openIDURL')
    if not openIDURL:
        return HTTPResponse('Parameter expected: openIDURL')
    openIDConsumer = get_consumer(request)
    try:
        openIDRequest = openIDConsumer.begin(openIDURL)
    except consumer.DiscoveryFailure, error:
        return HTTPResponse('Discovery failed: %s' % escape(error))
    else:
        if not openIDRequest:
            return HTTPResponse('Not an openID provider: %s' % escape(openIDURL))

        axRequest = FetchRequest()
        axRequest.add(AttrInfo(AX_FIRSTNAME, required=True))
        axRequest.add(AttrInfo(AX_LASTNAME, required=True))
        axRequest.add(AttrInfo(AX_EMAIL, required=True))
        openIDRequest.addExtension(axRequest)

        sourceURL = request.host_url
        targetURL = request.route_url('openID_finish')
        if openIDRequest.shouldSendRedirect():
            return HTTPFound(location=openIDRequest.redirectURL(sourceURL, targetURL))
        return HTTPResponse(openIDRequest.htmlMarkup(sourceURL, targetURL))

@view_config(route_name='openID_finish', permission=NO_PERMISSION_REQUIRED)
def finish(request):
    'Finish openID authentication process'
    openIDConsumer = get_consumer(request)
    targetURL = request.route_url('openID_finish')
    openIDResponse = openIDConsumer.complete(request.params, targetURL)
    html = openIDResponse.status + '<br>'
    for key, value in openIDResponse.__dict__.iteritems():
        html += '%s: %s<br>' % (escape(key), escape(value))
    html += '<br>'
    if consumer.SUCCESS == openIDResponse.status:
        axResponse = FetchResponse.fromSuccessResponse(openIDResponse)
        html += 'First name: %s<br>' % escape(axResponse.get(AX_FIRSTNAME))
        html += 'Last name: %s<br>' % escape(axResponse.get(AX_LASTNAME))
        html += 'Email: %s<br>' % escape(axResponse.get(AX_EMAIL))
    return HTTPResponse(html)

def get_consumer(request):
    try:
        openIDStore = {
            'sqlite': SQLiteStore,
            'postgresql': PostgreSQLStore,
            'mysql': MySQLStore,
        }[db.bind.name](db.bind.raw_connection())
    except KeyError:
        openIDStore = FileOpenIDStore('data/openIDs')
    try:
        openIDStore.createTables()
    except:
        pass
    return consumer.Consumer(request.session, openIDStore)