开发者

Question about Google openid.claimed_id

开发者 https://www.devze.com 2023-02-28 03:41 出处:网络
I am using openid authentication in my web application. I have two tables, one for storing multiple openid_url for any user_id and with openid as primary key.

I am using openid authentication in my web application. I have two tables, one for storing multiple openid_url for any user_id and with openid as primary key.

There is another table with user details with user_id as primary key.

my authentication works and after that I check if the url returned is available in my openid table, if its not there, I redirect to a create user form, while if the url is there, user is redirected to page where he was. But I am facing a strange iss开发者_开发技巧ue where in the url returned for my email id after google authentication does not match with the value stored in db a day before or so.

I am not sure if I am missing something or do I have to use some thing else in openid 2.0.

Any clue at this point is highly appreciated.

Edit:

I got one more thread which deals with information I am looking for. Why does the ID of Google's OpenID implementation change?


Google uses unique identifiers for every service provider (relaying party).

Please verify that your side using a consistent openid.realm. That is the protocol and domain name of your side. For example: https://stackauth.com

If you mix using of a "www." prefix or not using it or mixing http or https, Google will see you as distinct service providers and provide different ids for the same user.


I have gone thorough a number of documents and I am going to use email as user identifier only in case of google. This is one attribute which is uniq for any site any domain.

0

精彩评论

暂无评论...
验证码 换一张
取 消