[OpenID] XRDS RP discovery when dynamic pages allow logins?

John Panzer jpanzer at acm.org
Sun May 25 18:44:52 UTC 2008 

My use case is here: 
https://docs.google.com/a/google.com/Doc?docid=dc43mmng_2g6k9qzfb&hl=en


        5. Discovery

    A container declares what collection and features it supports, and
    provides templates for discovering them, via a simple discovery
    document.  A client starts the discovery process at the container's
    identifier URI (e.g., example.org).  The full flow is available at
    http://xrds-simple.net/core/1.0/; in a nutshell:

       1. Client GETs {container-url} with Accept: application/xrds+xml
       2. Container responds with either an X-XRDS-Location: header
          pointing to the discovery document, or the document itself.
       3. If the client received an X-XRDS-Location: header, follow it
          to get the discovery document.


    The discovery document is an XML file in the same format used for
    OpenID and OAuth discovery, defined at
    http://xrds-simple.net/core/1.0/:

        <XRDS xmlns="xri://$xrds">
            <XRD xmlns:simple="http://xrds-simple.net/core/1.0" xmlns="xri://$XRD*($v*2.0)" xmlns:os="http://ns.opensocial.org/" version="2.0">
                <Type>xri://$xrds*simple</Type>
                <Service>
                  <Type>http://ns.opensocial.org/people/0.8</Type>
                  <os:URI-Template>http://api.example.org/people/{guid}/{selector}{-prefix|/|pid}</URI-Template>
                </Service>
                <Service>
                  <Type>http://ns.opensocial.org/activities/0.8</Type>
                  <os:URI-Template>http://api.example.org/activities/{guid}/{selector}</URI-Template>
                </Service>
                <Service>
                  <Type>http://ns.opensocial.org/appdata/0.8</Type>
                  <os:URI-Template>http://api.example.org/appdata/{guid}/{selector}</URI-Template>
                </Service>
            </XRD>
        </XRDS>


    Each Service advertises a service provided by the container.  Each
    container MUST support the service Types documented below and MAY
    support others by advertising them in the discovery document.  Each
    service comprises a set of resources defined by the given URI
    Template (or URI, if there is only a single resource).  Clients
    follow the URIs and instantiate the templates to find and operate on
    specific resources.  (URI Template syntax is documented at
    http://www.ietf.org/internet-drafts/draft-gregorio-uritemplate-03.txt.)

    The set of substitution variables is fixed for each service Type. 
    The core set of service Types and their substitution variables is
    documented below.  Extensions to OpenSocial SHOULD document their
    substitution variables; note that a reasonable place to put human
    readable documentation is at the namespace URI.


Andrew Arnott wrote:
> Forwarding to rest of the list.
>
> ---------- Forwarded message ----------
> From: *Andrew Arnott* <andrewarnott at gmail.com 
> <mailto:andrewarnott at gmail.com>>
> Date: Sun, May 25, 2008 at 9:34 AM
> Subject: Re: [OpenID] XRDS RP discovery when dynamic pages allow logins?
> To: John <jpanzer at acm.org <mailto:jpanzer at acm.org>>
>
>
> Thanks, John.
>
> Can you (or anyone else) give or point to a simple example of an XRDS 
> document using this?  And what does "Needs an extension" mean?  That 
> it's not done as a spec in solving my problem, or that I need to 
> reference some extension namespace when I do this?
>
> Thanks again.
>
>
> On Sun, May 25, 2008 at 9:06 AM, John <jpanzer at acm.org 
> <mailto:jpanzer at acm.org>> wrote:
>
>     Suggestion: use uri templates (URI-Template element instead of
>     URI). Needs an extension.
>
>     -John
>
>
>     On May 25, 2008, at 7:33 AM, "Andrew Arnott"
>     <andrewarnott at gmail.com <mailto:andrewarnott at gmail.com>> wrote:
>
>         According to the OpenID 2.0 spec (as I read it), the RP
>         discovery feature requires that the return_to URL be found in
>         the XRDS doc published by the RP at the realm URL.  However,
>         some sites, such as blogs, allow logging in on virtually every
>         page on the site (thousands).  How should this be handled in
>         the XRDS document since it can't be practical to include
>         thousands of potential return_to URLs in the XRDS doc?
>
>         -- 
>         Andrew Arnott
>         _______________________________________________
>         general mailing list
>         general at openid.net <mailto:general at openid.net>
>         http://openid.net/mailman/listinfo/general
>
>
>
>
> -- 
> Andrew Arnott
>
>
>
> -- 
> Andrew Arnott
> ------------------------------------------------------------------------
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080525/efeb2cde/attachment-0001.htm>

More information about the general mailing list