[Code] allowing users to supply an OP Identifier
Yang Zhao
yang at yangman.ca
Thu Dec 3 05:03:09 UTC 2009
2009/12/1 russell muetzelfeldt <russm-lists-openid-net at slofith.org>:
> What I can't figure out how to make work is our own OP so that it will respond to requests against an OP Identifier rather than a user's personal Identifier.
>
> All the code samples I've found for OPs assume that the users will be entering their own Identifier at the RP rather than being prompted for both identification and authentication (username/password) at the OP. (Also, I'm new to OpenID and don't really understand any of the XRDS/YADDIS stuff that seems to drive the discovery process.)
Simply always have your OP ask the user for an identity, and override
the claimed_id and identity fields in the reply on a successful
authentication.
In a normal flow, these fields will be populated by values determined
during discovery. Override them on response to assert a different
identity.
Cheers,
--
Yang Zhao
http://yangman.ca
More information about the Code
mailing list