开发者

How to use OpenID+OAuth in my website?

开发者 https://www.devze.com 2023-02-02 03:11 出处:网络
I want to log in my website by using google account, now i can use google account to log in(by Ope开发者_JS百科nID), but i don\'t know how to get user account and information in google?

I want to log in my website by using google account, now i can use google account to log in(by Ope开发者_JS百科nID), but i don't know how to get user account and information in google? Just like below link(which is provided by google)

http://googlecodesamples.com/hybrid/

This link can log in by user's google account, and list all the documents in user's google doc, so i guess by using OAuth can let me get user's account(such as example@gmail.com) and get relative information, but i don't know how to do?

PS. I use php to write my website


I can't code the whole thing for you, but I'll try and give you a general outline of how it's done.

Sample Request URL:

https://www.google.com/accounts/o8/id
?openid.ns=http://specs.openid.net/auth/2.0
&openid.ns.pape=http://specs.openid.net/extensions/pape/1.0
&openid.ns.max_auth_age=300
&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select
&openid.identity=http://specs.openid.net/auth/2.0/identifier_select
&openid.return_to=http://www.example.com/checkauth
&openid.realm=http://www.example.com/
&openid.assoc_handle=ABSmpf6DNMw
&openid.mode=checkid_setup
&openid.ui.ns=http://specs.openid.net/extensions/ui/1.0
&openid.ui.mode=popup
&openid.ui.icon=true
&openid.ns.ax=http://openid.net/srv/ax/1.0
&openid.ax.mode=fetch_request
&openid.ax.type.email=http://axschema.org/contact/email
&openid.ax.type.language=http://axschema.org/pref/language
&openid.ax.required=email,language 

Then, you should receive this response URL as a redirect that you need to intercept:

http://www.example.com/checkauth
?openid.ns=http://specs.openid.net/auth/2.0 
&openid.mode=id_res
&openid.op_endpoint=https://www.google.com/accounts/o8/ud
&openid.response_nonce=2008-09-18T04:14:41Zt6shNlcz-MBdaw
&openid.return_to=http://www.example.com:8080/checkauth
&openid.assoc_handle=ABSmpf6DNMw
&openid.signed=op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
&openid.sig=s/gfiWSVLBQcmkjvsKvbIShczH2NOisjzBLZOsfizkI=     &openid.identity=https://www.google.com/accounts/o8/id/id=ACyQatixLeLODscWvwqsCXWQ2sa3RRaBhaKTkcsvUElI6tNHIQ1_egX_wt1x3fAY983DpW4UQV_U
&openid.claimed_id=https://www.google.com/accounts/o8/id/id=ACyQatixLeLODscWvwqsCXWQ2sa3RRaBhaKTkcsvUElI6tNHIQ1_egX_wt1x3fAY983DpW4UQV_U 

Once you get that URL, you all set! Hope this helps.


You may want to use already existing authentication solution, rather than reinvent wheel:-) Since you are not specifying what server scripting language you are using, e.g. for PHP take a look at:

http://opauth.org/

It's pretty easy implementation and supports not only google account but many others. It also pulls out some of account information you are interested in.

... or google for something like "openID authentication framework" or "oauth framework":-)

0

精彩评论

暂无评论...
验证码 换一张
取 消