{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 来,给爷笑一个 的问题《How is OpenID implemented?》','https://www.manongdao.com/q-466814.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
How would you design and implement OpenID components?
(Was "How does OpenId work")
I realize this question is somewhat of a duplicate, and yes, I have read the spec and the wikipedia article.
After reading the materials mentioned above, I still don't have a complete picture in my head of how each step in the process is handled. Maybe what's missing is a good workflow diagram for how an implementation of OpenID works.
I'm considering incorporating OpenID into one of my applications to accomodate a B2B single-sign-on scenario, and I will probably go with DotNetOpenID instead of trying to implement it myself, but I still want a better grasp of the particulars before I get started.
Can anyone recommend books or websites that do a good job of explaining it all? It wouldn't hurt to have an answer that covers the basics here on this site as well.
[Edit]
I changed the title to be more implementation-specific, since there are obviously plenty of places to get the ten-thousand-foot view.
Jeff has a great article on OpenID where he shares his experiences:
OpenID: Does The World Really Need Yet Another Username and Password?
There are some links to tutorials on the official OpenID site:
http://openid.net/developers/
You can get a nice login-control for OpenID (which also is used here on stackoverflow) here:
http://www.idselector.com/
Check out Security Now podcast, episode 95. (Actually audio)
Also related:
The super-famous talk by Dick Hardt on Identity 2.0, I suppose almost everyone has watched it, but if you haven't it is a must see.
It is more about the reasoning of the need of things like Open ID and not necessarily about their implementation, though.
I recommend Joseph Smarr's Recipe for OpenID-Enabling Your Site.
I haven't read the DotNetOpenID docs, but I would hope whatever implementation you choose would also have some overview documentation and/or examples to illustrate usage of the API.
This page has a nice flow diagram.
I found this link on the OpenID Wiki, you might want to check there for more resources.