php - Google 的 OpenID 实现..400 错误请求

Question

所以我试图掌握 OpenID，我觉得我理解了理论等等......现在开始实现它了。我有一个非常基本的设置，可以将curl请求发送到google提供商地址..

https://www.google.com/accounts/o8/id

解析返回的 XRDS xml 文件

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="0">
      <Type>http://specs.openid.net/auth/2.0/server</Type>
      <Type>http://openid.net/srv/ax/1.0</Type>
      <Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type>
      <Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>
      <Type>http://specs.openid.net/extensions/pape/1.0</Type>
      <URI>https://www.google.com/accounts/o8/ud</URI>
    </Service>
  </XRD>
</xrds:XRDS>

从 XRDS 文档中检索 google 的实际提供商后，我使用此函数进行重定向...

public function RedirectToEndpoint() {
    $params = array();
    $params['openid.mode'] = 'checkid_setup';
    $params['openid.ns'] = 'http://specs.openid.net/auth/2.0';
    $params['openid.claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select';
    $params['openid.identity'] = 'http://specs.openid.net/auth/2.0/identifier_select';
    $params['openid.return_to'] = $this->URLs['return_to'];
    $params['openid.realm'] = $this->URLs['realm'];

    $join = stripos($this->URLs['openid_server'], '?') ? '&' : '?';
    $redirect_to = $this->URLs['openid_server'] . $join . $this->array2url($params);
    if (headers_sent()){ // Use JavaScript to redirect if content has been previously sent (not recommended, but safe)
        echo '<script language="JavaScript" type="text/javascript">window.location=\'';
        echo $redirect_to;
        echo '\';</script>';
    }else{  // Default Header Redirect
        header('Location: ' . $redirect_to);
    }
}

array2url 是一个简单的函数，它将关联数组 $params 转换为附加到查询字符串。

生成的url是这样的...

https://www.google.com/accounts/o8/ud?openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.return_to=http://learn.local/openid/return.php&openid.realm=http://learn.local/openid/index.html&

但是，您最终会看到请求的页面无效。还有一个不错的 400 Bad Request.. 有什么想法吗？

Answer 1

总而言之，我觉得自己再愚蠢不过了!归根结底是正确设置我的领域。可以说，我有一个领域导致我的返回地址超出了可用的“范围”。对于 future 遇到 400 错误的人来说，这可能是..

$openid->SetReturnAddress(('http://learn.local/openid/return.php')); //.return_to
$openid->SetDomain(('http://learn.local/openid/index.html')); //Realm

配置不当的领域..facepalm

现在是...

$openid->SetDomain(('http://learn.local')); //Realm