OpenId通过Curl [英] OpenId via Curl

问题描述

如何使用Curl进行基于OpenId的身份验证？
首先我可以做吗？
Regards，
Allahbaksh

How can I do OpenId based authentication using Curl? At first place can I do it? Regards, Allahbaksh

推荐答案

我想你说的是curl命令行， 。我没有试过，但根据我所知道的OpenID和curl，应该是可能的。但是，不是完全自动化。如果你想要真正的休息和通用，你必须解析身份提供者和内容提供者登录页面的内容。如果你知道你要去哪里，不介意你的服务和客户端（没有hateoas），你可以先身份提供者身份验证，例如：

I suppose you are talking about the curl command line, not the library. I have not tried, but according to what I know of OpenID and curl, it should be possible. However, not fully automated. You'll have to "parse" the content of the identity provider and of the content provider login pages if you want to be realy restful and generic. If you know where you're going and don't mind to couple your service and client (no hateoas), you can first authenticate with the identity provider, e.g.:

curl -iSsL --user-agent 'Mozilla/5.0' --cookie cookies --cookie-jar  cookies \
       --data login=$mylogin \
       --data passwd=$mypasswd \
       https://identprovider.example.com/login

$ b b

，然后将您的OpenID发布到内容提供商：

and then post your OpenID to the content provider:

curl -iSsL --user-agent 'Mozilla/5.0' --cookie cookies --cookie-jar  cookies \
              --data openid="$myopenidurl" \
              http://contentprovider.example.com/login

这假设内容提供者已经被授权使用身份提供者。
然后获取您的内容：

This suppose that the content provider is already authorised to use the identity provider. Then get your content:

curl -iSsL --user-agent 'Mozilla/5.0' --cookie cookies --cookie-jar  cookies \
              http://contentprovider.example.com/interesting/content

请注意，这种方法并不安静，因为我对代码中的POST uris和字段进行了编码。要解耦客户端和服务器，必须从响应中提取uris和字段名称。在bash脚本中，您可以使用 sed 。

Note that this approach is not restful, since I hard encoded the POST uris and fields in the code. To decouple the client and the server, the uris and field names must be extracted from responses. In a bash script, you can use sed for example.

我认为应该可以工作，那么你必须遵循重定向并提取URI和表单，因为一些参数可以在重定向URI或隐藏表单字段中传递。

I think is should work, but if not, then you'll have to realy follow the redirects and extract URIs and forms, since some params can be passed in the redirect URIs or in hidden form fields.

这篇关于OpenId通过Curl的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！