Steam OpenId 和 Play Framework

Question

Steam OpenId 和 Play Framework

4

我在使用Steam作为OpenId提供商时遇到了问题。一切都很正常，直到回调到我的网站时，我看到了Steam登录网页并且可以用我的用户登录，但当回调执行时，我会得到一个异常。

我使用的是play 2.2和Scala。代码与play文档中的代码非常相似。

  def loginPost = Action.async { implicit request =>
    OpenID.redirectURL("http://steamcommunity.com/openid",
      routes.Application.openIDCallback.absoluteURL(),
      realm = Option("http://mydomain.com/"))
      .map(url => Redirect(url))
      .recover { case error => Redirect(routes.Application.login) }
  }

  def openIDCallback = Action.async { implicit request =>
      OpenID.verifiedId.map(info => Ok(info.id + "\n" + info.attributes))
       .recover {
          case error =>
            println(error.getMessage()) //prints null
            Redirect(routes.Application.login)
        }
  }

堆栈跟踪：

Internal server error, for (GET) [/steam/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=error&openid.error=Invalid+claimed_id+or+identity] ->

play.api.Application$$anon$1: Execution exception[[BAD_RESPONSE$: null]]
    at play.api.Application$class.handleError(Application.scala:293) ~[play_2.10.jar:2.2.1]
    at play.api.DefaultApplication.handleError(Application.scala:399) [play_2.10.jar:2.2.1]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$12$$anonfun$apply$1.applyOrElse(PlayDefaultUpstreamHandler.scala:165) [play_2.10.jar:2.2.1]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$12$$anonfun$apply$1.applyOrElse(PlayDefaultUpstreamHandler.scala:162) [play_2.10.jar:2.2.1]
    at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:33) [scala-library-2.10.3.jar:na]
    at scala.util.Failure$$anonfun$recover$1.apply(Try.scala:185) [scala-library-2.10.3.jar:na]
Caused by: play.api.libs.openid.Errors$BAD_RESPONSE$: null
    at play.api.libs.openid.Errors$BAD_RESPONSE$.<clinit>(OpenIDError.scala) ~[play_2.10.jar:2.2.1]
    at play.api.libs.openid.OpenIDClient.verifiedId(OpenID.scala:111) ~[play_2.10.jar:2.2.1]
    at play.api.libs.openid.OpenIDClient.verifiedId(OpenID.scala:92) ~[play_2.10.jar:2.2.1]
    at controllers.Application$$anonfun$openIDCallback$1.apply(Application.scala:29) ~[classes/:2.2.1]
    at controllers.Application$$anonfun$openIDCallback$1.apply(Application.scala:28) ~[classes/:2.2.1]
    at play.api.mvc.Action$.invokeBlock(Action.scala:357) ~[play_2.10.jar:2.2.1]

我看到返回的URL中有这个错误信息openid.error=Invalid+claimed_id+or+identity，但找不到任何相关的内容。我缺失了什么吗？谢谢。

- Federico Perez

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- David Meyer · Accepted Answer

这是因为Play框架的OpenID类没有正确生成重定向URL。请在代码中输出此行中url变量的值：

.map(url => Redirect(url))

很可能是这个样子：

它大概长成这样：

https://steamcommunity.com/openid/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
 &openid.mode=checkid_setup
 &openid.claimed_id=http%3A%2F%2Fsteamcommunity.com%2Fopenid
 &openid.identity=http%3A%2F%2Fsteamcommunity.com%2Fopenid
 &openid.return_to=http%3A%2F%2Fwww.mydomain.com%2Fsteam%2Flogin
 &openid.realm=http%3A%2F%2Fwww.mydomain.com

根据OpenID 2.0规范（特别是http://openid.net/specs/openid-authentication-2_0.html#discovered_info），此处不正确：

如果最终用户输入了OpenID提供者（OP）标识符，则没有声明的标识符。为了进行OpenID身份验证请求，当输入OP标识符时，必须使用值“http://specs.openid.net/auth/2.0/identifier_select”作为声明的标识符和OP本地标识符。

基于此，生成的重定向url变量应该是：

https://steamcommunity.com/openid/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
 &openid.mode=checkid_setup
 &openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select
 &openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select
 &openid.return_to=http%3A%2F%2Fwww.mydomain.com%2Fsteam%2Flogin
 &openid.realm=http%3A%2F%2Fwww.mydomain.com

我已在Play Framework问题跟踪器上为此撰写了一个问题：

https://github.com/playframework/playframework/issues/3740

与此同时，作为一种临时的解决方案，您可以在url变量上使用任意数量的字符串替换技术来设置openid.claimed_id和openid.identity参数为正确的http://specs.openid.net/auth/2.0/identifier_select值。