具有通配符域的Google联合登录(混合OpenID + OAuth) [英] Google Federated Login (hybrid OpenID+OAuth) with wildcard realm
问题描述
我正在尝试实施Google的 OpenID + OAuth 协议,当openid.realm包含通配符时不起作用:
I'm trying to implement Google's OpenID+OAuth protocol, and it doesn't work when openid.realm contains a wildcard:
openid.realm: http://*.example.com
openid.ns.oauth = http://specs.openid.net/extensions/oauth/1.0
openid.oauth.consumer = www.example.com
openid.oauth.scope = https://www.googleapis.com/auth/userinfo.profile
OpenID进程按预期工作,但是OAuth扩展被静默忽略(响应中没有request_token;也没有错误).
The OpenID process works as expected, but the OAuth extension is silently ignored (no request_token in the response; no error either).
根据文档,这似乎受支持:
请记住,使用自动界面注册您的域 注册域必须与realm参数一致 与OpenID一起使用.例如,域名"www.somedomain.com" 与"http://*.somedomain.com"领域一致.
Use the automated interface to register your domain, keeping in mind that the registered domain must be consistent with the realm parameter being used with OpenID. For example, the domain "www.somedomain.com" is consistent with a realm of "http://*.somedomain.com".
它与http://www.example.com领域一起使用(回调接收到request_token参数),但是我无法更改该领域,因为这会阻止现有用户再次登录.
It works with a realm of http://www.example.com (the callback receives a request_token parameter), however I can't change the realm since this would prevent existing users from signing in again.
我在做什么错了?
推荐答案
consumer必须是实际域名,而不是通配符.此外,*.example.com指定example.com的子域; example.com与http://*.example.com
The consumer must be an actual domain name, not a wildcard. Also, *.example.com specifies a subdomain of example.com; example.com is not consistent with http://*.example.com
目前尚不清楚Goggle文档,但您可能需要在Google中注册您的网站以便将OpenID + OAuth与通配符域一起使用.如您所见, JohnS 能够获得
The Goggle documentation is unclear, but you may need to register your website with Google in order to use OpenID+OAuth with a wildcard domain. As you can see, JohnS was able to get OpenID+OAuth with a wildcard domain working with out any documented differences from your setup (other than using ex2 instead of ouath as the namespace alias, but that shouldn't matter).
这篇关于具有通配符域的Google联合登录(混合OpenID + OAuth)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
