开发者

AOL openid website verification

Iam trying to use AOL openid, nut am getting "AOL is unable to verify this website"

can somebody tell me the steps to avoid this error, what should I don 开发者_运维知识库on my end.

If there is some sample code please share it - thanks in advance

AOL openid website verification

Regards,

Navin


George thank you for you answer, however I have issue in make it work, my xrds file as follows

<?php
header('Content-type: application/xrds+xml');
$xrdstext = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
    $xrdstext =$xrdstext . "<xrds:XRDS";
    $xrdstext =$xrdstext ." xmlns:xrds=\"xri://$xrds\"";
    $xrdstext =$xrdstext ." xmlns:openid=\"http://openid.net/xmlns/1.0\"";
    $xrdstext =$xrdstext ." xmlns=\"xri://$xrd*($v*2.0)\">\n";
    $xrdstext =$xrdstext ."<XRD>\n";
    $xrdstext =$xrdstext ."<Service xmlns=\"xri://$xrd*($v*2.0)\">\n";
    $xrdstext =$xrdstext ."<Type>http://specs.openid.net/auth/2.0/return_to</Type>\n";
    $xrdstext =$xrdstext ."<URI>http://localhost:56709/myproject/socialoauth.aspx</URI>\n";
    $xrdstext =$xrdstext ."</Service>\n";
    $xrdstext =$xrdstext ."</XRD>\n";
    $xrdstext =$xrdstext ."</xrds:XRDS>";
echo $xrdstext;
?>  

and my request url is

https://api.screenname.aol.com/auth/openidServer?openid.claimed_id=http://openid.aol.com/navinleon&openid.identity=http://openid.aol.com/navinleon&openid.return_to=http://localhost:56709/myproject/socialoauth.aspx&openid.realm=http://mydomain.com/xrds/&openid.mode=checkid_setup&openid.assoc_handle=f457ae42e94c11e0811b002655277584&openid.ns=http://specs.openid.net/auth/2.0&openid.ns.alias3=http://openid.net/srv/ax/1.0&openid.alias3.if_available=alias5&openid.alias3.required=alias1,alias2,alias3,alias4,alias6,alias7&openid.alias3.mode=fetch_request&openid.alias3.type.alias1=http://axschema.org/namePerson/friendly&openid.alias3.count.alias1=1&openid.alias3.type.alias2=http://axschema.org/namePerson/first&openid.alias3.count.alias2=1&openid.alias3.type.alias3=http://axschema.org/namePerson/last&openid.alias3.count.alias3=1&openid.alias3.type.alias4=http://axschema.org/contact/country/home&openid.alias3.count.alias4=1&openid.alias3.type.alias5=http://axschema.org/pref/language&openid.alias3.count.alias5=1&openid.alias3.type.alias6=http://axschema.org/contact/email&openid.alias3.count.alias6=1&openid.alias3.type.alias7=http://axschema.org/birthDate&openid.alias3.count.alias7=1

am not sure what am doing wrong

please help...


So the reason for this error is that AOL is unable to verify the Rely Party return_to URL (per section 13 of the OpenID 2 spec [http://openid.net/specs/openid-authentication-2_0.html#rp_discovery]). This step is performed to protect the user from an attack where the realm specified doesn't match the return_to URL.

To get rid of this error, you need to support XRDS discovery via the specified realm string. Based on the screenshot, this just means adding support into the server running on localhost.

Basically, an HTTP request to http://localhost:56709 with an Accept HTTP header of application/xrds+xml should return either a response HTTP header of X-XRDS-Location with a value specifying the location of the XRDS file, or it can return the XRDS document directly.

The XRDS document should look something like this...

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
  xmlns:xrds="xri://$xrds"
  xmlns:openid="http://openid.net/xmlns/1.0"
  xmlns="xri://$xrd*($v*2.0)">
  <XRD>

  <Service xmlns="xri://$xrd*($v*2.0)">
    <Type>http://specs.openid.net/auth/2.0/return_to</Type>
    <URI>http://localhost:56709/return_to/url/path</URI>
  </Service>

  </XRD>
</xrds:XRDS>

NOTE: HTTP requests to localhost will fail as it's not possible to reach that site. The warning will continue until the XRDS document is deployed to a reachable site.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜