Which one should I use to index a user from a Openid auth proccess. "openid_identity" or "openid_claimed_id"? Im using Dope OpenId class and data returned is :
[openid_ns] => http://specs.openid.net/auth/2.0
[openid_mode] => id_res
[openid_return_to] => http://localhost/login/authenticate
[openid_claimed_id] => https://me.yahoo.com/a/wK7..MjM-#607
[openid_identity] => https://me.yahoo.com/a/wK7...MjM-
[openid_realm] => http://localhost/
[openid_assoc_handle] =>odm...j24yhwlT...2TOXQ9.sifIz3eLZoU.....jOoGM...9VPcMVavQkVgEQ--
[openid_response_nonce] => 2009-09-19T12:35:08Z95e...WtOYlQ--
[openid_signed] => assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed,ns.pape,pape.auth_level.ns.nist,pape.auth_level.nist,pape.auth_policies
[openid_op_endpoint] => https://open.login.yahooapis.com/openid/op/auth
[openid_ns_pape] => http://specs.openid.net/extensions/pape/1.0
[openid_pape_auth_level_ns_nist] => http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
[openid_pape_auth_level_nist] => 0
[openid_pape_auth_policies] => http://schemas.openid.net/pape/policies/2007/06/none
[openid_sig] => kO7......EitU=
Thanks
Use the openid.claimed_id
parameter as the logical primary key for users. Treat it as case sensitive, and use the entire value. Do not trim off the fragment or the scheme (protocol). Treat "http://" and "https://" protocols as entirely different, even if the rest of the URL is the same. In short, treat the openid.claimed_id
as an opaque value
that must entirely be stored for new users and entirely be matched for returning users.
The OpenID 2.0 specification explains further, but the short answer is above.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With