堆栈内存溢出
  简体   繁体   English

Google如何生成其OpenID claim_id令牌?

[英]How does Google generate its OpenID claimed_id tokens?

 原文  2009-12-09 08:33:14       django/ openid/ django-openid-auth

问题描述

I'm using the django_openid_auth module and have it configured to automatically create new user accounts for new OpenIDs. 我正在使用django_openid_auth模块并将其配置为自动为新的OpenID创建新的用户帐户。 This makes the "sign up" process really trivial, but I'm a bit worried that because of the way that Google generates it's OpenID tokens it might accidentally create a new account for an existing user, giving them the impression the data in their original account has been lost. 这使得“注册”过程变得非常简单,但我有点担心,由于Google生成OpenID令牌的方式,它可能会意外地为现有用户创建一个新帐户,从而给他们留下原始数据的印象帐号已丢失。

As far as I can tell, Google will generate different claimed ID tokens for different domain names. 据我所知,谷歌将为不同的域名生成不同的声称ID令牌。 That is www.site.com and site.com would create two distinct tokens and therefore two accounts in my system. 那就是www.site.com,site.com会在我的系统中创建两个不同的令牌,因此会创建两个帐户。 I've fixed that by redirecting www.site.com to site.com. 我通过将www.site.com重定向到site.com来解决这个问题。

Are there any other gotchas I need to be aware of? 我还需要注意其他问题吗? And can anyone point me in the direction of some details on what Google use to generate the ID? 任何人都可以向我指出谷歌用于生成ID的一些细节吗?

2 个解决方案

解决方案1
 4 已采纳  2009-12-09 18:45:17

From the docs : 来自文档

openid.realm

Authenticated realm. 认证领域。 Identifies the domain that the end user is being asked to trust. 标识要求最终用户信任的域。 (Example: "http://*.myexamplesite.com") This value must be consistent with the domain defined in openid.return_to. (例如:“http://*.myexamplesite.com”)此值必须与openid.return_to中定义的域一致。 If this parameter is not defined, Google will use the URL referenced in openid.return_to . 如果未定义此参数,Google将使用openid.return_to引用的网址。

The value of realm is used on the Google Federated Login page to identify the requesting site to the user. 在Google联合登录页面上使用领域的值来标识用户的请求站点。 It is also used to determine the value of the persistent user ID returned by Google. 它还用于确定Google返回的持久用户ID的值。

解决方案2
 0  2009-12-09 18:09:43

StackOverflow had the same problems with different hash OpenID tokens. StackOverflow在使用不同的哈希OpenID令牌时遇到了同样的问题。 They detail there problems and a possible solution (Google profiles) on StackOverflow blog . 他们在StackOverflow博客上详述了问题和可能的解决方案(Google个人资料)。

http://blog.stackoverflow.com/2009/11/google-offers-named-openids/ http://blog.stackoverflow.com/2009/11/google-offers-named-openids/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 openid1_claimed_id的文档在哪里? - Where is documentation for openid1_claimed_id? django-social-auth获取声明的ID - django-social-auth obtain claimed id 当有人使用google或openid登录我的网站时,如何获取用户名和电子邮件? 谷歌返回什么? - How do i get the username and email when someone logins to my site using google or openid? What does google return? Django + Google SSO openid - Django + Google SSO openid 与谷歌Django openid身份验证 - Django openid authentication with google python 如何在过期后生成 Dorpbox 授权令牌? - How can python generate Dorpbox auth tokens after expire? 困惑于如何在Django-social-auth中应用Google和Yahoo OpenID - Confused on how to apply google and yahoo OpenID in Django-social-auth default_token_generator如何存储令牌? - How does default_token_generator store tokens? 如何忽略发送到Django REST Framework的CSRF令牌? - How does one ignore CSRF tokens sent to Django REST Framework? 哪个django OpenID库与新的Google OpenID一起使用 - Which django OpenID library works with new Google OpenID
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM