Example usage of AX in PHP OpenID

2019-01-12 18:36发布

问题:

I'm using JanRain's PHP OpenID library. It comes with example script which is using SReg extension. But I want it to work with Google (and it works for auth actually), but Google uses AX (attribute exchange) instead of SReg for additional data. For some reason, JanRain's library is missing AX support in example script, and code comments in AX script are out of my understanding, though comments in SReg script are clear as 1-2-3.

Does anyone know how to implement AX without too much pain?

回答1:

Ran into the same issue. Some digging in AX.php got me a working start. Haven't looked for any bugs, nor tested beyond basic, nor tested with anyone other than Google. This is not pretty: needs error handling, etc. But this should get you started. Will post an update if I have something robust...

First to throw ...

//  oid_request.php

// Just tested this with/for Google, needs trying with others ...
$oid_identifier = 'https://www.google.com/accounts/o8/id';

// Includes required files
require_once "Auth/OpenID/Consumer.php";
require_once "Auth/OpenID/FileStore.php";
require_once "Auth/OpenID/AX.php";

// Starts session (needed for YADIS)
session_start();

// Create file storage area for OpenID data
$store = new Auth_OpenID_FileStore('./oid_store');

// Create OpenID consumer
$consumer = new Auth_OpenID_Consumer($store);

// Create an authentication request to the OpenID provider
$auth = $consumer->begin($oid_identifier);

// Create attribute request object
// See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
// Usage: make($type_uri, $count=1, $required=false, $alias=null)
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email',2,1, 'email');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first',1,1, 'firstname');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last',1,1, 'lastname');

// Create AX fetch request
$ax = new Auth_OpenID_AX_FetchRequest;

// Add attributes to AX fetch request
foreach($attribute as $attr){
    $ax->add($attr);
}

// Add AX fetch request to authentication request
$auth->addExtension($ax);

// Redirect to OpenID provider for authentication
$url = $auth->redirectURL('http://localhost:4001', 'http://localhost:4001/oid_catch.php');
header('Location: ' . $url);

... and then to catch

<?php

//  oid_catch.php

// Includes required files
require_once "Auth/OpenID/Consumer.php";
require_once "Auth/OpenID/FileStore.php";
require_once "Auth/OpenID/AX.php";

// Starts session (needed for YADIS)
session_start();

// Create file storage area for OpenID data
$store = new Auth_OpenID_FileStore('./oid_store');

// Create OpenID consumer
$consumer = new Auth_OpenID_Consumer($store);

// Create an authentication request to the OpenID provider
$auth = $consumer->complete('http://localhost:4001/oid_catch.php');

if ($response->status == Auth_OpenID_SUCCESS) {
    // Get registration informations
    $ax = new Auth_OpenID_AX_FetchResponse();
    $obj = $ax->fromSuccessResponse($response);

    // Print me raw
    echo '<pre>';
    print_r($obj->data);
    echo '</pre>';
    exit;


} else {
  // Failed
}

Those ought to be the basics...



回答2:

The request half is working, however I am getting failure in the Catch.

Should the line above

$auth = $consumer->complete('http://localhost:4001/oid_catch.php');

be

$response = $consumer->complete('http://localhost:4001/oid_catch.php');

Otherwise, where does the response object come from? I am not getting returned the openid.current_url in my response to check the url with?