OpenID Tech Night #5

Identity Provider
Identity Provider
Identity Provider
identity
IdP
Identity
Identity
OpenID

見
一

zigorou.myopenid.com
自
入力

User-Supplied
Identifier
OP Identifier
Claimed Identifier

Discovery
Association
Authenticate
Request
Authenticate
Response
Verification

Discovery
Association
Authenticate
Request
Authenticate
Response
Verification

[zigorou ~] $ lwp-request -S -e -d http://zigorou.myopenid.com/ | grep XRDS
X-XRDS-Location: http://zigorou.myopenid.com/?xrds=1
[zigorou ~] $ lwp-request http://zigorou.myopenid.com/?xrds=1
<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<xrds:XRDS
xmlns:xrds=\"xri://$xrds\"
xmlns:openid=\"http://openid.net/xmlns/1.0\"
xmlns=\"xri://$xrd*($v*2.0)\">
<XRD version=\"2.0\">
<Service priority=\"0\">
<Type>http://specs.openid.net/auth/2.0/signon</Type>
<Type>http://openid.net/sreg/1.0</Type>
<Type>http://openid.net/extensions/sreg/1.1</Type>
<Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type>
<Type>http://openid.net/srv/ax/1.0</Type>
<URI>http://www.myopenid.com/server</URI>
<LocalID>http://zigorou.myopenid.com/</LocalID>
</Service>

Discovery
Association
Authenticate
Request
Authenticate
Response
Verification

#!/usr/bin/perl sub sig {
my %pairs = @_;
use strict; my $keyval = format_keyval(%pairs);
use warnings; hmac_sha256_hex($keyval,
$hmac_key);
use Digest::SHA qw(hmac_sha256_hex); }
use Perl6::Say;
say sig( foo => \"abc\", bar => \"xyz\" );
our $hmac_key = \"common_secret\";
89b7f51ec9b76e97d5a179f313af38e6cc8b5cb086
sub format_keyval { 0e266caf6847ded05428ce
my %pairs = @_;
join \"\\n\" => map { $_ . ':' . $pairs{$_} }
keys %pairs;
}

Discovery
Association
Authenticate
Request
Authenticate
Response
Verification

Discovery
Association
Authenticate
Request
Authenticate
Response
Verification