LightOpenID validate() 在 Google Apps 上失败

发布于 2024-10-27 13:43:59 字数 1740 浏览 6 评论 0原文

我正在使用 LightOpenID 针对 Google Apps 验证 OpenID。我发出初始 authURL() 请求,一切都很好。我调用 validate() 但失败了。通过大量的回声,我已经追踪到 validate() 的最后几行。

从 validate() 中,传递到 discovery($url) 的 url 为 https://www.google.com/accounts/o8/user-xrds?uri=http://my-domain.com/openid? id=117665028262121597341

discovery() 首先检查不存在的 xrds-location。 discovery() 接下来检查内容类型是否为 xrds+xml,这是正确的。 discovery() 检查 Service(.*)/Service,这是正确的。这是 Service 的片段,/Se​​rvice

<Service priority="0">
<Type>http://specs.openid.net/auth/2.0/signon</Type> 

<Type>http://openid.net/srv/ax/1.0</Type>
<Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type>
<Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>
<Type>http://specs.openid.net/extensions/pape/1.0</Type>
<URI>https://www.google.com/a/<my domain>.com/o8/ud?be=o8</URI>
</Service>

discovery() 看到我们正在使用 OpenID 2 并将 URI 字段提取到 $server 变量中。 discovery() 继续提取 CanonicalID,发现 Google 支持 AX 而不是 SREG。最后,discover() 返回 $server,因为 https://www.google.com/a/my-domain.com/o8/ud?be=o8

validate() 继续清理每个字段在 data[] 中,取决于 magic_quotes 与否。它将 openid.mode 设置为“check_authentication”,请求 discovery($url) 返回的 $server 和 preg 的“/is_valid:true”。最后的 preg_match 失败了。 $server url 不会返回验证,而是显示“您请求的页面无效”。

我正在寻找的答案是 Google Apps 验证的正确网址。紧随其后的是网址应该是什么样子,我将深入研究 Google Apps 返回的信息,看看是否有类似的东西。

添加:不确定这是否重要,但我确实有一个 /.well-known/host-meta 文件。以下是内容: 链接:; rel="http://reltype.google.com/openid/xrd-op 描述的"; type="application/xrds+xml"

如果您需要更多代码或数据,请告诉我。

谢谢, 埃里克·B.

I'm using LightOpenID to authenticate OpenID against Google Apps. I make the initial authURL() request and things are good. I call validate() and it fails. Through copious echo's, i've tracked it down to the last few lines of validate().

From validate(), the url passed into discover($url) is https://www.google.com/accounts/o8/user-xrds?uri=http://my-domain.com/openid?id=117665028262121597341

discover() first checks for an xrds-location, which is not present. discover() next checks if the content-type is xrds+xml, which is true. discover() checks for Service(.*)/Service, which is true. Here is the snippet of Service,/Service

<Service priority="0">
<Type>http://specs.openid.net/auth/2.0/signon</Type> 

<Type>http://openid.net/srv/ax/1.0</Type>
<Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type>
<Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>
<Type>http://specs.openid.net/extensions/pape/1.0</Type>
<URI>https://www.google.com/a/<my domain>.com/o8/ud?be=o8</URI>
</Service>

discover() sees that we are using OpenID 2 and extracts the URI field into the $server variable. discover() continues extracting the CanonicalID, finding that Google supports AX and not SREG. Finally, discover() returns $server as https://www.google.com/a/my-domain.com/o8/ud?be=o8

validate() continues by cleaning up each field in data[], depending on magic_quotes or not. It sets openid.mode to 'check_authentication', requests the $server returned by discover($url) and preg's for '/is_valid:true'. It is this last preg_match that fails. The $server url does not return a validation but instead says, "The page you requested is invalid."

The answer I'm looking for is the correct url for Google Apps validation. A close second would be what the url should look like and I'll dig through the info returned by Google Apps and see if I have something like that.

ADDED: Not sure if this matters but I do have a /.well-known/host-meta file in place. Here are the contents:
Link: <https://www.google.com/accounts/o8/site-xrds?hd=my-domain.com>; rel="describedby http://reltype.google.com/openid/xrd-op"; type="application/xrds+xml"

Let me know if you want more code or data.

Thanks,
Eric B.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

伊面 2024-11-03 13:43:59

确保您的服务器上已安装 PHP curl 扩展。我们最近在生产中遇到了完全相同的症状,这与服务器配置问题有关。

如果您在 Debian 上运行应用程序,只需使用:

apt-get install php5-curl

Make sure PHP curl extension has been installed on your server. We have encountered exact same symptoms in production recently and it was related to an issue of server provisioning.

If you're running an app on Debian, simply use:

apt-get install php5-curl
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文