Introduction OpenID Authentication 2.0 Revival
?
5 likes?1,856 views
The document discusses OpenID authentication and describes the flow between an Identity Provider and OpenID Provider. It includes code snippets for retrieving an XRDS document from an OpenID and generating an HMAC signature. The overall document provides information about OpenID authentication standards and protocols.
![[zigorou ~] $ lwp-request -S -e -d http://zigorou.myopenid.com/ | grep XRDS
X-XRDS-Location: http://zigorou.myopenid.com/?xrds=1
[zigorou ~] $ lwp-request http://zigorou.myopenid.com/?xrds=1
<?xml version=quot;1.0quot; encoding=quot;UTF-8quot;?>
<xrds:XRDS
xmlns:xrds=quot;xri://$xrdsquot;
xmlns:openid=quot;http://openid.net/xmlns/1.0quot;
xmlns=quot;xri://$xrd*($v*2.0)quot;>
<XRD version=quot;2.0quot;>
<Service priority=quot;0quot;>
<Type>http://specs.openid.net/auth/2.0/signon</Type>
<Type>http://openid.net/sreg/1.0</Type>
<Type>http://openid.net/extensions/sreg/1.1</Type>
<Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type>
<Type>http://openid.net/srv/ax/1.0</Type>
<URI>http://www.myopenid.com/server</URI>
<LocalID>http://zigorou.myopenid.com/</LocalID>
</Service>](https://image.slidesharecdn.com/openidtechnight520090515-090519012206-phpapp02/85/Introduction-OpenID-Authentication-2-0-Revival-31-320.jpg)
Introduction OpenID Authentication 2.0 Revival
- 1. OpenID Tech Night #5
- 6. Identity Provider Identity Provider Identity Provider identity IdP ? ? Identity Identity OpenID
- 8. ?? ? ? ? ? ? ??匯 ? ? ? ?? ?
- 9. zigorou.myopenid.com ?? ? ? ? ? 徭 ? ?? 秘薦 ?
- 10. ?? ? ? ? ? ? ?? ? ?
- 11. ?? ? ?? ?
- 18. ? ? ? ? ? ?
- 19. ?? ? ? ? ? ? ?? ? ? ? ? ? ?
- 23. User-Supplied Identifier OP Identifier ? ? Claimed Identifier ? ? ?
- 27. ? ? ? ? ? ? ? Discovery ? ? ? ? ? ? Association ? ? ? ? ? ? ? ? ? ? Authenticate Request ? ? ? Authenticate Response ? ? ? ? ? ? ? Verification ?
- 29. ? ? ? ? ? ? ? Discovery ? ? ? ? ? ? Association ? ? ? ? ? ? ? ? ? ? Authenticate Request ? ? ? Authenticate Response ? ? ? ? ? ? ? Verification ?
- 31. [zigorou ~] $ lwp-request -S -e -d http://zigorou.myopenid.com/ | grep XRDS X-XRDS-Location: http://zigorou.myopenid.com/?xrds=1 [zigorou ~] $ lwp-request http://zigorou.myopenid.com/?xrds=1 <?xml version=quot;1.0quot; encoding=quot;UTF-8quot;?> <xrds:XRDS xmlns:xrds=quot;xri://$xrdsquot; xmlns:openid=quot;http://openid.net/xmlns/1.0quot; xmlns=quot;xri://$xrd*($v*2.0)quot;> <XRD version=quot;2.0quot;> <Service priority=quot;0quot;> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/sreg/1.0</Type> <Type>http://openid.net/extensions/sreg/1.1</Type> <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> <Type>http://openid.net/srv/ax/1.0</Type> <URI>http://www.myopenid.com/server</URI> <LocalID>http://zigorou.myopenid.com/</LocalID> </Service>
- 45. ? ? ? ? ? ? ? Discovery ? ? ? ? ? ? ? Association ? ? ? ? ? ? ? ? ? Authenticate Request ? ? ? Authenticate Response ? ? ? ? ? ? ? Verification ?
- 49. #!/usr/bin/perl sub sig { my %pairs = @_; use strict; my $keyval = format_keyval(%pairs); use warnings; hmac_sha256_hex($keyval, $hmac_key); use Digest::SHA qw(hmac_sha256_hex); } use Perl6::Say; say sig( foo => quot;abcquot;, bar => quot;xyzquot; ); our $hmac_key = quot;common_secretquot;; 89b7f51ec9b76e97d5a179f313af38e6cc8b5cb086 sub format_keyval { 0e266caf6847ded05428ce my %pairs = @_; join quot;nquot; => map { $_ . ':' . $pairs{$_} } keys %pairs; }
- 53. ? ? ? ? ? ? ? Discovery ? ? ? ? ? ? ? Association ? ? ? ? ? ? ? ? ? Authenticate Request ? ? ? Authenticate Response ? ? ? ? ? ? ? Verification ?
- 63. ? ? ? ? ? ? ? Discovery ? ? ? ? ? ? Association ? ? ? ? ? ? ? ? ? ? Authenticate Request ? Authenticate ? ? Response ? ? ? ? ? ? ? Verification ?