I am a little curious to know about how OpenID authentication works.
Is there any difference between OpenID authentication and the authentication which sites use exclusively for themselves?
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
What is OpenID?
OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing internet technology (URI, HTTP, SSL, Diffie-Hellman) and realizes that people are already creating identities for themselves whether it be at their blog, photostream, profile page, etc. With OpenID you can easily transform one of these existing URIs into an account which can be used at sites which support OpenID logins.
OpenID
Difference between OpenID and conventional authentification form?
The difference is that the identification will be decentralized to an external site (for example Wordpress, Yahoo, ...). The website will know whether or not the identification is OK and let you login. Conventional website authentication performs a comparison with data held in a private database, so your username and password can be used to login to this website only. With OpenID you can use the same credentials on multiple websites.
How it works?
- You can see the Flow of operation here (image)
- Step-by-step activities here
- Step-by-step activities here (other blog)
Steps
- User connects to OpenID enabled website.
- User enters credential information.
- A POST is made with a BASE64 (website to provider)
- An answer is built (that contains expiration)
- The website redirects the user to the provider to login.
- User enters password and submit.
- Verification is done.
- Login!
回答2:
Here's a pretty good blog post with an extremely basic diagram.
回答3:
I stumbled across this great OpenID introduction which is neither too high-level nor too low-level.
http://wiki.openid.net/w/page/12995171/Introduction
It's a bit verbose, and more or less written as prose, but it's a fun read and very informative about what happens behind the scenes.
(Answer pasted from my answer at OpenID login workflow?.)
回答4:
Here is great explanation of OpenID concept. It has explained each and every steps to implement OpenID.
Another one called [Jan Rain] (http://janrain.com/openid-enabled/)
Another great step-by-step tutorial by Remy Sharp for OpenID
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 啃猪蹄的小仙女 的文章《How does OpenID authentication work?》','https://www.manongdao.com/article-70115.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}