1

我正在尝试实现 OpenID,为此我下载了http://www.openidenabled.com/php-openid并从中获取了 Auth 文件夹,并将任何内容更改为 localhost 目录并创建了一个 index.php 文件,其代码为如下:

<?php
    if (!isset($_POST['submit'])) {
?>
        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
        "DTD/xhtml1-transitional.dtd">
        <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
        <head>
        <title>OPENID TESTING</title>
        </head>
        <body>
        <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Sign in with your OpenID: <br/>
            <input type="text" name="id" size="30" />
            <br />
            <input type="submit" name="submit" value="Log In" />
        </form>
        </body>
        </html>
<?php
    } else {

        // check for form input
        if (trim($_POST['id'] == '')) {
            die("ERROR: Please enter a valid OpenID.");
        }

        // include files
        require_once "Auth/OpenID/Consumer.php";
        require_once "Auth/OpenID/FileStore.php";

        // start session (needed for YADIS)
        session_start();

        // create file storage area for OpenID data
        $store = new Auth_OpenID_FileStore('./oid_store');

        // create OpenID consumer
        $consumer = new Auth_OpenID_Consumer($store);

        // begin sign-in process
        // create an authentication request to the OpenID provider

        $auth = $consumer->begin($_POST['id']);
        if (!$auth) {
            die("ERROR: Please enter a valid OpenID.");
        }

        // redirect to OpenID provider for authentication
        $url = $auth->redirectURL('http://localhost/', 'http://localhost/oid_return.php');
        header('Location: ' . $url);
    }
?>

现在,当我尝试从 worldpress 填写 id 或 myopenid.com 被识别并将我转移到提供商页面进行身份验证时,但这不会发生在 Google、yahoo 或其他服务提供商案例中。我必须为谷歌或雅虎实施什么

4

1 回答 1

3

我正在使用 PHP LightOpenID 库(参见 gitorious)让用户能够使用他们的 Google 帐户登录我的网站。对于其他 OpenID 提供者,您只需更改该$openid->identity字段。它为我们处理所有的身份验证流程。您无需担心令牌和其他东西。

这里是我显示“使用 Google 登录”链接的页面:

<?php
require_once 'openid.php';
$openid = new LightOpenID;

$openid->identity = 'https://www.google.com/accounts/o8/id';
$openid->required = array('contact/email');
$openid->returnUrl = 'http://my-website.com/landing-login.php'
?>

<a href="<?php echo $openid->authUrl() ?>">Login with Google</a>

当点击链接时,会出现一个谷歌页面,要求他进行身份验证和/或授权您检索他的电子邮件。

然后他将被重定向到登录页面$openid->returnUrl。该页面的代码应为:

<?php
require_once 'openid.php';
$openid = new LightOpenID;

if ($openid->mode) {
    if ($openid->mode == 'cancel') {
        // User has canceled authentication
    } elseif($openid->validate()) {
        // Yeah !
        $data = $openid->getAttributes();
        $email = $data['contact/email'];
    } else {
        // The user has not logged in via Google
    }
} else {
    // The user does not come from the link of the first page
}
?>

如果您想从用户那里检索更多信息,您必须将它们添加到$openid->required第一页。例如 :

$openid->required = array(
  'contact/email',
  'namePerson/first',
  'namePerson/last'
);

如果用户接受它,将让您在第二页中获取他的名字和姓氏:

$name = $data['namePerson/first'] . " " . $data['namePerson/last'];

希望有帮助!

于 2011-05-30T06:42:08.937 回答