問題描述

我正在使用 Zend 框架和來自 http://code 的 openid 選擇器.google.com/p/openid-selector/ - 但是我發(fā)現(xiàn)我無法使用像 Google 和 Yahoo 這樣的網(wǎng)站登錄，因為它們使用基于直接身份的登錄系統(tǒng)，其中一個只是重定向到一個 url，而不是輸入一個用于身份驗證的唯一網(wǎng)址.

I'm using the Zend framework and the openid selector from http://code.google.com/p/openid-selector/ - however I find I can't login using sites like Google and Yahoo as they use direct identity based login system whereby one is just redirected to a url as opposed to entering a unique url of their own for authentication.

我檢查了許多選項和技巧，但似乎沒有一個有效.順便說一句，我怎樣才能讓它在這里工作 - 它是如何在堆棧溢出時實現(xiàn)的?我真的可以利用這里的所有幫助..

I've checked out many options and hacks but none of them seem to work. How can i get this to work here btw - how is it implemented at stack overflow? I could really use all the help here guys..

編輯

這里的問題是，我注意到 Zend OpenID 類不支持 OpenID 2.0，問題是典型的開放 ID 提供者為您提供了一個唯一的 URL，例如 your-name.openid-providor.com 或 openid-providor.com/your-name 和 Zend OpenId 類只是通過該 url 進(jìn)行解析，然后將您重定向到提供者網(wǎng)站，在那里進(jìn)行身份驗證后您將被重定向回來.

Well the issue here is that from what I have noticed is that the Zend OpenID class doesn't support OpenID 2.0 the thing is that a typical open ID providor gives you a unique url such as your-name.openid-providor.com or openid-providor.com/your-name and the Zend OpenId class just parses through that url and then redirects you to the providor website where upon authentication you are redirected back.

在雅虎和谷歌的情況下 - 你不輸入唯一的 url 而是你被重定向到提供者登錄站點，在登錄和身份驗證后你被重定向回來 - 所以基本上是什么是 zend_openID 對象解析時告訴誰是提供者，它無法從一般 url 本身中分辨出來.就像當(dāng)您點擊 Google 鏈接時，它會將您重定向到 https://www.google.com/帳戶/o8/id

In the case of Yahoo and google - you don't enter a unique url instead you are redirected to the providors login site and upon login and authentication you are redirected back - so basically whats happeining is that the zend_openID object when it parses to tell who the providor is it fails to tell from the general url itself. Like when you click on teh Google link it redirects you to https://www.google.com/accounts/o8/id

這里更多是 zend openid 對象的問題，并且在 zend 相關(guān)論壇上沒有任何幫助 - 所以我想知道是否有人已經(jīng)入侵或?qū)︻愡M(jìn)行了更改以實現(xiàn)此目的.抱歉，如果我遺漏了一些東西，但我對此有點陌生，并且使用開放 ID 進(jìn)行編程，并且剛剛開始涉足.

Its more an issue with the zend openid object here and there isn't any help on zend related forums - so I was wondering if someone had already hacked or had an alteration I could make to the class to accomplish this. Sorry if I'm missing something but I'm kinda new to this and programming with open ID and have just started to get my feet wet.

感謝您的跟進(jìn) - 不久前我確實檢查了 RPX，他們確實有一個 php 類，但我無法檢查它加上我現(xiàn)在真的只想讓在 stackoverflow 上使用的代碼選擇器工作與雅虎和谷歌身份驗證.必須有某種方法來調(diào)整 Zend OpenID 類使用的解析，因為它運行一系列正則表達(dá)式檢查以進(jìn)行發(fā)現(xiàn).

Thanks for the follow up - I did check into RPX a while back and they do have a php class but I wasnt able to check it out plus I really just want to for now get the code selector used as on stackoverflow to work with Yahoo and Google authentication. There has to be some kind of way to tweak the parsing which the Zend OpenID class uses as it runs a series of regular expression checks to make a discovery.

推薦答案

游戲有點晚了，但我能夠利用我在互聯(lián)網(wǎng)上發(fā)現(xiàn)的一些技巧來解決這個問題.

Little late to the game but I was able to get this working with some hacks I found around the interwebs.

首先.雅虎.為了讓 Yahoo 正常工作，我所要做的就是將 JavaScript 更改為使用 me.yahoo.com 而不是 yahoo.com 并且它與 Zend 版本完美配合我正在使用的框架.不幸的是，谷歌仍然沒有，所以需要進(jìn)行一些黑客攻擊.

First. Yahoo. To get Yahoo working all I had to do was change the JavaScript to use me.yahoo.com instead of just yahoo.com and it worked perfectly with the version of the Zend Framework I'm using. Unfortunately Google still wasn't, so some hacking was in order.

所有這些更改都在 Zend/OpenId/Consumer.php

首先，在 _discovery 方法中，在從 740 行左右開始的一系列 preg_match 檢查中添加以下內(nèi)容.

First, in the _discovery method add the following on the series of preg_match checks that starts at around line 740.

} else if (preg_match('/<URI>([^<]+)</URI>/i', $response, $r)) {
    $version = 2.0;
    $server = $r[1];

我在 else {} 塊中的 return false; 語句之前添加了這個.

I added this right before the return false; statement that's in the else {} block.

其次，在 _checkId 方法中，您需要添加 3 個新塊(我還沒有深入了解導(dǎo)致調(diào)用這三種情況中的每一種的原因，因此我涵蓋了所有為了安全起見.

Second, in the _checkId method you'll need to add 3 new blocks (I haven't dug around enough to know what causes each of these three cases to be called, so I covered all to be on the safe side.

在 $version <= 2.0 塊中，您會發(fā)現(xiàn)一個 if/else if/else 塊.在第一個 if 語句 ($this->_session !== null) 中添加:

Inside the $version <= 2.0 block, you'll find an if/else if/else block. In the first if statement ($this->_session !== null) add this to the end:

if ($server == 'https://www.google.com/accounts/o8/ud') {
    $this->_session->identity = 'http://specs.openid.net/auth/2.0/identifier_select';
    $this->_session->claimed_id = 'http://specs.openid.net/auth/2.0/identifier_select';
}

在 else if (defined('SID') 塊中將此添加到末尾:

In the else if (defined('SID') block add this to the end:

if ($server == 'https://www.google.com/accounts/o8/ud') {
    $_SESSION['zend_openid']['identity'] = 'http://specs.openid.net/auth/2.0/identifier_select';
    $_SESSION['zend_openid']['claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select';
}

然后在 else 塊之后(所以在 if/else if/else 塊之外，但仍在 $version <= 2.0 塊內(nèi))添加:

And then after the else block (so outside the if/else if/else block all together, but still inside the $version <= 2.0 block) add this:

if ($server == 'https://www.google.com/accounts/o8/ud') {
    $params['openid.identity'] = 'http://specs.openid.net/auth/2.0/identifier_select';
    $params['openid.claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select';
}

鏈接到 Zend 框架問題跟蹤器中的錯誤

這篇關(guān)于如何使用 Zend OpenID 實現(xiàn)基于直接身份的 OpenID 身份驗證的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！