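First, let me preface this with the fact that I'm completely new to OpenID and not very familiar with PHP.
I set up Janrain's Engage sample on my website (Apache/PHP), including the JavaScript in the head: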
    (function() {
        if (typeof window.janrain !== 'object') {
            window.janrain = {};
        }
        if (typeof window.janrain.settings !== 'object') {
            window.janrain.settings = {};
        }
        janrain.settings.tokenUrl = 'http://mydomain.com/tokenform.php';
        function isReady() {
            janrain.ready = true;
        };
        if (document.addEventListener) {
            document.addEventListener("DOMContentLoaded", isReady, false);
        } else {
            window.attachEvent('onload', isReady);
        }
        var e = document.createElement('script');
        e.type = 'text/javascript';
        e.id = 'janrainAuthWidget';
        if (document.location.protocol === 'https:') {
            e.src = 'https://rpxnow.com/js/lib/myapp/engage.js';
        } else {
            e.src = 'http://widget-cdn.rpxnow.com/js/lib/myapp/engage.js';
        }
        var s = document.getElementsByTagName('script')[0];
        s.parentNode.insertBefore(e, s);
    })();
I added their DIV tag:
    <div id="janrainEngageEmbed"></div>
I built the following token receiving page based on their instructions:
    <?php
    header('Content-Type: text/html; charset=utf-8');
    ?>
    <html>
    <head>
    <title>Janrain Engage example</title>
    </head>
    <body>
    <pre>
    <?php
    // Trim so a trailing newline in the key file is not sent as part of the key.
    $rpx_api_key = trim(file_get_contents('/path/apikey.txt'));
    /* STEP 1: Extract token POST parameter */
    $token = isset($_POST['token']) ? $_POST['token'] : '';
    // Debug output only: this dumps request data unescaped into the page.
    echo "SERVER VARIABLES:\n";
    var_dump($_SERVER);
    echo "HTTP POST ARRAY:\n";
    var_dump($_POST);
    // test the length of the token; it should be 40 characters
    if (strlen($token) == 40) {
        /* STEP 2: Use the token to make the auth_info API call */
        $post_data = array('token' => $token,
                           'apiKey' => $rpx_api_key,
                           'format' => 'json',
                           'extended' => 'false');
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($curl, CURLOPT_URL, 'https://rpxnow.com/api/v2/auth_info');
        curl_setopt($curl, CURLOPT_POST, true);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
        curl_setopt($curl, CURLOPT_HEADER, false);
        // Verify the API server's certificate; the API key travels over this connection.
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($curl, CURLOPT_FAILONERROR, true);
        $result = curl_exec($curl);
        if ($result === false) {
            echo "\n".'Curl error: ' . curl_error($curl);
            // curl_errno() returns the cURL error number, not an HTTP status.
            echo "\n".'Curl error number: ' . curl_errno($curl);
            echo "\n"; var_dump($post_data);
        }
        curl_close($curl);
        /* STEP 3: Parse the JSON auth_info response */
        // Only decode a real response body; curl_exec() returned false on failure.
        $auth_info = ($result === false) ? null : json_decode($result, true);
        if (is_array($auth_info) && isset($auth_info['stat']) && $auth_info['stat'] == 'ok') {
            echo "\n You're in!";
            echo "\n auth_info:";
            echo "\n"; var_dump($auth_info);
            /* STEP 4: Use the identifier as the unique key to sign the user into your system.
               This will depend on your website implementation, and you should add your own
               code here. The user profile is in $auth_info.
            */
        } else {
            // Gracefully handle auth_info error. Hook this into your native error handling system.
            $msg = isset($auth_info['err']['msg']) ? $auth_info['err']['msg'] : 'no error message returned';
            echo "\n".'An error occurred: ' . $msg . "\n";
            var_dump($auth_info);
            echo "\n";
            var_dump($result);
        }
    } else {
        // Gracefully handle the missing or malformed token. Hook this into your native error handling system.
        echo 'Authentication canceled.';
    }
    ?>
    </pre>
    </body>
    </html>
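My widget accepts logins from Google, Facebook, Twitter, Yahoo, LinkedIn, and Windows Live. As long as I use IE, everything works as advertised. If I try any of the providers with Firefox or Chrome, I appear to be authenticated and the login dialog disappears, but I'm stuck on the page with the OpenID provider selection widget.
Any ideas?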