我应该使用哪一个来从Openid auth proccess索引用户. “openid_identity”或“openid_claimed_id”?我使用
Dope OpenId类,返回的数据是:
[openid_ns] => http://specs.openid.net/auth/2.0 [openid_mode] => id_res [openid_return_to] => http://localhost/login/authenticate [openid_claimed_id] => https://me.yahoo.com/a/wK7..MjM-#607 [openid_identity] => https://me.yahoo.com/a/wK7...MjM- [openid_realm] => http://localhost/ [openid_assoc_handle] =>odm...j24yhwlT...2TOXQ9.sifIz3eLZoU.....jOoGM...9VPcMVavQkVgEQ-- [openid_response_nonce] => 2009-09-19T12:35:08Z95e...WtOYlQ-- [openid_signed] => assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed,ns.pape,pape.auth_level.ns.nist,pape.auth_level.nist,pape.auth_policies [openid_op_endpoint] => https://open.login.yahooapis.com/openid/op/auth [openid_ns_pape] => http://specs.openid.net/extensions/pape/1.0 [openid_pape_auth_level_ns_nist] => http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf [openid_pape_auth_level_nist] => 0 [openid_pape_auth_policies] => http://schemas.openid.net/pape/policies/2007/06/none [openid_sig] => kO7......EitU=
谢谢
使用openid.claimed_id参数作为用户的逻辑主键.将其视为
case sensitive,并使用整个值.不要修剪片段或方案(协议).将“http://”和“https://”协议视为完全不同,即使URL的其余部分相同.简而言之,将openid.claimed_id视为不透明值
必须完全为新用户存储并完全匹配返回用户.
原文链接:https://www.f2er.com/php/133824.html必须完全为新用户存储并完全匹配返回用户.
OpenID 2.0 specification进一步解释,但简短的答案在上面.