{"id":173,"date":"2011-01-26T17:20:04","date_gmt":"2011-01-26T17:20:04","guid":{"rendered":"http:\/\/blog.igloonet.cz\/?p=173"},"modified":"2014-08-11T22:30:43","modified_gmt":"2014-08-11T20:30:43","slug":"autentizace-uzivatelu-pomoci-openid","status":"publish","type":"post","link":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/","title":{"rendered":"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID"},"content":{"rendered":"<div id=\"fb-root\"><\/div>\n<p>Tento \u010dl\u00e1nek by m\u011bl v&nbsp;prv\u00e9 \u0159ad\u011b p\u0159edstavit slu\u017ebu OpenID, kter\u00e1 umo\u017e\u0148uje pou\u017e\u00edvat jeden u\u017eivatelsk\u00fd \u00fa\u010det pro v\u00edce webov\u00fdch slu\u017eeb. Zejm\u00e9na by m\u011bl pomoci v\u0161em v\u00fdvoj\u00e1\u0159\u016fm v&nbsp;programovac\u00edm jazyce PHP, kte\u0159\u00ed se rozhodli p\u0159ihla\u0161ov\u00e1n\u00ed pomoc\u00ed OpenID integrovat do&nbsp;sv\u00fdch str\u00e1nek.<!--more--><\/p>\n<h2>Co si lze p\u0159edstavit pod&nbsp;pojmem OpenID?<\/h2>\n<p>Pokud provozujete webovou slu\u017ebu, je pro V\u00e1s rozhoduj\u00edc\u00edm faktorem n\u00e1v\u0161t\u011bvnost str\u00e1nek. Pokud nav\u00edc po\u017eadujete registraci, je trendem posledn\u00ed doby cel\u00fd tento proces maxim\u00e1ln\u011b zjednodu\u0161ovat. U\u017eivatel\u00e9 necht\u011bj\u00ed vypl\u0148ovat zbyte\u010dn\u00e9 \u00fadaje, necht\u011bj\u00ed se zdr\u017eovat vypl\u0148ov\u00e1n\u00edm dlouh\u00fdch formul\u00e1\u0159\u016f. S&nbsp;postupem \u010dasu nav\u00edc p\u0159ib\u00fdv\u00e1 po\u010det p\u0159\u00edstupov\u00fdch \u00fadaj\u016f, kter\u00e9 je nutn\u00e9 si pamatovat. Z&nbsp;toho d\u016fvodu vznikla slu\u017eba OpenID, kter\u00e1 se sna\u017e\u00ed v\u0161echny tyto zm\u00edn\u011bn\u00e9 probl\u00e9my odstranit a&nbsp;v\u0161e maxim\u00e1ln\u011b zjednodu\u0161it.<\/p>\n<p><a href=\"http:\/\/cs.wikipedia.org\/wiki\/OpenID\">Wikipedie<\/a> tento pojem popisuje n\u00e1sledovn\u011b:<\/p>\n<p><cite>OpenID je otev\u0159en\u00fd, decentralizovan\u00fd standard pro autentizaci u\u017eivatel\u016f. Umo\u017e\u0148uje pou\u017e\u00edvat jeden u\u017eivatelsk\u00fd \u00fa\u010det pro v\u00edce slu\u017eeb, nap\u0159\u00edklad pro r\u016fzn\u00e9 webov\u00e9 slu\u017eby od&nbsp;r\u016fzn\u00fdch poskytovatel\u016f. OpenID m\u00e1 tvar unik\u00e1tn\u00edho URL, ke&nbsp;kter\u00e9mu je p\u0159i\u0159azeno heslo. Webov\u00e1 str\u00e1nka, kter\u00e1 umo\u017e\u0148uje autentizaci u\u017eivatel\u016f pomoc\u00ed OpenID p\u0159i p\u0159ihla\u0161ov\u00e1n\u00ed u\u017eivatele p\u0159esm\u011bruje po\u017eadavek na&nbsp;ov\u011b\u0159en\u00ed identity na&nbsp;spr\u00e1vce OpenID \u00fa\u010dtu a&nbsp;ten vr\u00e1t\u00ed informaci o&nbsp;povolen\u00ed \u010di zam\u00edtnut\u00ed \u017e\u00e1dosti o&nbsp;autentizaci. P\u0159enos autentiza\u010dn\u00edch a&nbsp;autoriza\u010dn\u00edch informac\u00ed zaji\u0161\u0165uje protokol <a href=\"http:\/\/cs.wikipedia.org\/wiki\/SAML\">SAML<\/a>.<\/cite><\/p>\n<h2>Co je nutn\u00e9 zjistit na&nbsp;za\u010d\u00e1tku v\u00fdvoje?<\/h2>\n<p>Aby bylo v\u016fbec mo\u017en\u00e9 testovat p\u0159ihla\u0161ov\u00e1n\u00ed p\u0159es OpenID, je nutn\u00e9 se nejprve zaregistrovat u&nbsp;n\u011bkter\u00e9ho z&nbsp;poskytovatel\u016f OpenID. Je jich cel\u00e1 \u0159ada. P\u0159\u00edkladem m\u016f\u017ee b\u00fdt:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.myopenid.com\/\">MyOpenID<\/a><\/li>\n<li><a href=\"https:\/\/www.mojeid.cz\/\">MojeID<\/a><\/li>\n<li><a href=\"http:\/\/napoveda.seznam.cz\/cz\/login\/openid\/jak-pouzit-seznam-openid\/\">\u010cesk\u00fd seznam.cz<\/a><\/li>\n<\/ul>\n<p>J\u00e1 jsem pou\u017eil zahrani\u010dn\u00ed MyOpenID. Po zaregistrov\u00e1n\u00ed doporu\u010duji je\u0161t\u011b slu\u017ebu spr\u00e1vn\u011b nastavit, a\u0165 m\u016f\u017eete ozkou\u0161et v\u0161echny jej\u00ed mo\u017enosti. P\u0159idejte novou osobu, kter\u00e1 bude vystupovat v&nbsp;r\u00e1mci Va\u0161eho \u00fa\u010dtu (v&nbsp;menu Your Account &gt; Registration Personas), jak je mo\u017en\u00e9 vid\u011bt na&nbsp;p\u0159ilo\u017een\u00e9m obr\u00e1zku. T\u00e9to osob\u011b nastavte tak\u00e9 emailovou adresu. D\u00edky tomu, bude mo\u017en\u00e9 na&nbsp;Va\u0161ich str\u00e1nk\u00e1ch po p\u0159ihl\u00e1\u0161en\u00ed zjistit emailovou adresu nov\u00e9ho u\u017eivatele, kterou m\u016f\u017eete v&nbsp;budoucnu vyu\u017e\u00edt nap\u0159\u00edklad k&nbsp;zas\u00edl\u00e1n\u00ed novinek.<\/p>\n<p><img decoding=\"async\" src=\"\/blog\/wp-content\/uploads\/2011\/01\/screen.png\" alt=\"Registrace osoby p\u0159es slu\u017ebu MyOpenID\" \/><\/p>\n<h2>Jak to v&nbsp;praxi funguje?<\/h2>\n<ol>\n<li>Vypln\u00edm v&nbsp;p\u0159ihla\u0161ovac\u00edm formul\u00e1\u0159i na&nbsp;Va\u0161ich str\u00e1nk\u00e1ch p\u0159id\u011blen\u00e9 OpenID.<\/li>\n<li>Syst\u00e9m p\u0159esm\u011bruje na&nbsp;server poskytovatele slu\u017eby OpenID<\/li>\n<li>Budete vyzv\u00e1n\u00ed k&nbsp;zad\u00e1n\u00ed hesla. V&nbsp;budoucnu je mo\u017en\u00e9 tento krok p\u0159esko\u010dit t\u00edm, \u017ee&nbsp;potvrd\u00edte, aby v\u0161echny po\u017eadavky z&nbsp;Va\u0161ich str\u00e1nek a&nbsp;vztahuj\u00edc\u00ed se k&nbsp;Va\u0161emu OpenID automaticky syst\u00e9m bral za schv\u00e1len\u00e9. Ale z&nbsp;hlediska v\u011bt\u0161\u00ed bezpe\u010dnosti doporu\u010duji poka\u017ed\u00e9 nechat mo\u017enost zad\u00e1vat heslo.<\/li>\n<li>Pokud bude heslo ov\u011b\u0159eno, zobraz\u00ed se tla\u010d\u00edtko, kter\u00e9 V\u00e1s p\u0159esm\u011bruje zp\u011bt na&nbsp;Va\u0161e str\u00e1nky s&nbsp;informac\u00ed, \u017ee&nbsp;v\u0161echno prob\u011bhlo v&nbsp;po\u0159\u00e1dku.<\/li>\n<li>Syst\u00e9m tento po\u017eadavek zpracuje. Pokud to je Va\u0161e prvn\u00ed p\u0159ihl\u00e1\u0161en\u00ed, tak V\u00e1s z\u00e1rove\u0148 zaregistruje. Pokud jste se n\u011bkdy v&nbsp;minulosti t\u00edmto zp\u016fsobem p\u0159ihla\u0161oval, tak V\u00e1s rovnou p\u0159ihl\u00e1s\u00ed.<\/li>\n<li>Va\u0161e str\u00e1nky MOHOU z\u00edskat od&nbsp;poskytovatele OpenID dal\u0161\u00ed informace, se kter\u00fdmi lze d\u00e1le pracovat - e-mail, adresa apod. Toto v\u0161ak nen\u00ed podm\u00ednkou. Ne ka\u017ed\u00fd m\u00e1 tyto \u00fadaje uveden\u00e9.<\/li>\n<\/ol>\n<\/ul>\n<h2>Za\u010d\u00edn\u00e1me implementovat<\/h2>\n<h3>Pomocn\u00e9 knihovny<\/h3>\n<p>Abych nemusel ve\u0161kerou komunikaci programovat od&nbsp;za\u010d\u00e1tku, pou\u017eil jsem jednu z&nbsp;dostupn\u00fdch knihoven pro pr\u00e1ci s&nbsp;OpenID. V&nbsp;m\u00e9m p\u0159\u00edpad\u011b se jedn\u00e1 o&nbsp;hojn\u011b pou\u017e\u00edvanou knihovnu SimpleOpenID, kter\u00e1 je k&nbsp;dispozici ke&nbsp;sta\u017een\u00ed t\u0159eba na&nbsp;<a href=\"http:\/\/www.phpclasses.org\/package\/3290-PHP-Authenticate-users-with-OpenID-single-sign-on.html\">webu www.phpclasses.org<\/a>. Knihovnu nen\u00ed t\u0159eba nijak speci\u00e1ln\u011b nastavovat.<\/p>\n<h3>Ukl\u00e1d\u00e1n\u00ed do&nbsp;datab\u00e1ze<\/h3>\n<p>Pokud m\u00e1me syst\u00e9m, kter\u00fd umo\u017en\u00ed z\u00e1kazn\u00edk\u016fm registraci, bude pravd\u011bpodobn\u011b sv\u00e1z\u00e1n i&nbsp;s&nbsp;datab\u00e1z\u00ed. Ve\u0161ker\u00e9 detaily u\u017eivatele budeme evidovat v&nbsp;n\u011bkter\u00e9 tabulce. Pro jednoduchost uva\u017eujme tabulku <em>users<\/em>. Pro pot\u0159eby pr\u00e1ce s&nbsp;OpenID mus\u00edme ud\u011blat n\u00e1sleduj\u00edc\u00ed roz\u0161\u00ed\u0159en\u00ed:<\/p>\n<pre>\r\nalter table users add column identity char(255) not null;\r\n\r\ncreate table user_openids\r\n(\r\n  id int not null auto_increment,\r\n  identity char(255) not null, # toto je na\u0161e kl\u00ed\u010dov\u00e1 polo\u017eka\r\n  openid char(255) not null,\r\n  server char(255) not null,  \r\n\r\n  primary key (id),\r\n  index openid (openid)\r\n);\r\n<\/pre>\n<p>Sloupec <em>identity<\/em> v&nbsp;tabulce <em>users<\/em> je kl\u00ed\u010d, kter\u00fd dovoluje u\u017eivatel\u016fm m\u00edt n\u011bkolik n\u011bkolik OpenID ukazuj\u00edc\u00edch na&nbsp;jednu spole\u010dnou identitu.<\/p>\n<p>Tabulka <em>user_openids<\/em> je d\u016fle\u017eit\u00e1, proto\u017ee dovoluje n\u00e1sleduj\u00edc\u00ed vztahy:<\/p>\n<ul>\n<li>OpenID <em>http:\/\/test.myopenid.com\/<\/em> bude m\u00edt p\u0159i\u0159azenu identitu <em>test.myopenid.com<\/em><\/li>\n<li>OpenID <em>test.myopenid.com<\/em> bude m\u00edt p\u0159i\u0159azenu identitu <em>test.myopenid.com<\/em><\/li>\n<li>OpenID <em>http:\/\/test.myopenid.com<\/em> bude m\u00edt p\u0159i\u0159azenu identitu <em>test.myopenid.com<\/em><\/li>\n<li>OpenID <em>http:\/\/test.com<\/em> bude m\u00edt p\u0159i\u0159azenu identitu <em>test.myopenid.com<\/em>(v&nbsp;ur\u010dit\u00fdch p\u0159\u00edpadech)<\/li>\n<li>apod.<\/li>\n<\/ul>\n<p>Jak lze tedy vid\u011bt OpenID je v&nbsp;podstat\u011b adresa. Je tedy mo\u017en\u00e9 r\u016fzn\u00e9 tvary OpenID adresy reprezentovat jako jednu identitu. Tabulka <em>user_openids<\/em> n\u00e1m dovol\u00ed ulo\u017eit tyto r\u016fzn\u00e9 vztahy. P\u0159i p\u0159\u00ed\u0161t\u00edm p\u0159ihl\u00e1\u0161en\u00ed stejn\u00e9ho u\u017eivatele nemus\u00edme zji\u0161\u0165ovat znovu identitu, ale pouze ji dohled\u00e1me v&nbsp;datab\u00e1zi. Samotn\u00e9 zji\u0161t\u011bn\u00ed identity (nap\u0159. identita test.myopenid.com z&nbsp;OpenID http:\/\/test.myopenid.com\/) se toti\u017e d\u011bje pomoc\u00ed dal\u0161\u00edho HTTP po\u017eadavku, tak\u017ee si u\u0161et\u0159\u00edme n\u011bjakou re\u017eii.<\/p>\n<h2>Zpracov\u00e1n\u00ed po\u017eadavk\u016f<\/h2>\n<h3>Po\u010d\u00e1te\u010dn\u00ed po\u017eadavek na&nbsp;zpracov\u00e1n\u00ed OpenID<\/h3>\n<p>V prv\u00e9 \u0159ad\u011b je pot\u0159eba na&nbsp;str\u00e1nku um\u00edstit p\u0159ihla\u0161ovac\u00ed formul\u00e1\u0159, kter\u00fd se postar\u00e1 o&nbsp;odesl\u00e1n\u00ed p\u0159\u00edslu\u0161n\u00e9ho OpenID identifik\u00e1toru. N\u00e1sleduje uk\u00e1zka k\u00f3du na&nbsp;zpracov\u00e1n\u00ed takto odeslan\u00fdch dat:<\/p>\n<pre>\r\nrequire('class.openid.v2.php');\r\n\r\nif ($_POST) {\r\n    $openid = new OpenIDService();\r\n    $openid-&gt;SetIdentity($_POST['openid_identifier']); # n\u00e1\u0161 OpenID identifik\u00e1tor zadan\u00fd do formul\u00e1\u0159e\r\n     $openid-&gt;SetTrustRoot('http:\/\/' . $_SERVER[\"HTTP_HOST\"]); # URL port\u00e1lu\r\n     $openid-&gt;SetApprovedURL('http:\/\/' . $_SERVER[\"HTTP_HOST\"] . '\/prihlaseni-openid'); # URL na kterou p\u0159esm\u011brujeme zp\u011bt po \u00fasp\u011b\u0161n\u00e9m ov\u011b\u0159en\u00ed OpenID \r\n\r\n    $openid-&gt;SetRequiredFields(array('email'));\r\n    $openid-&gt;SetOptionalFields(array('fullname'));\r\n\r\n    if (list($server, $identity) = get_openid_server($_POST['openid_identifier'])) {\r\n        $openid-&gt;SetOpenIDServer($server);\r\n        $openid-&gt;SetIdentity($identity);\r\n\r\n        \/\/ p\u0159esm\u011brujeme u\u017eivatele na str\u00e1nky poskytovatele OpenID kv\u016fli autentizaci\r\n        $openid-&gt;Redirect();\r\n    }\r\n    else {\r\n        if ($server = $openid-&gt;GetOpenIDServer()) {\r\n            \/\/ optimalizace cel\u00e9ho procesu t\u00edm, \u017ee do budoucna si zji\u0161t\u011bn\u00e9 hodnoty zde ulo\u017e\u00edme\r\n            $identity = $openid-&gt;GetIdentity();\r\n            save_openid_server($_POST['openid_identifier'], $server, $identity);\r\n\r\n            \/\/ p\u0159esm\u011brujeme u\u017eivatele na str\u00e1nky poskytovatele OpenID kv\u016fli autentizaci\r\n            $openid-&gt;Redirect();\r\n        } else {\r\n            \/\/ DO\u0160LO K CHYB\u011a\r\n        }\r\n    }\r\n}\r\n<\/pre>\n<p>V uveden\u00e9m k\u00f3du m\u00e1m 2 pomocn\u00e9 funkce. Prvn\u00ed z&nbsp;nich je <em>get_openid_server($openid)<\/em>, kter\u00e1 vykon\u00e1 n\u00e1sleduj\u00edc\u00ed SQL dotaz:<\/p>\n<pre>\r\nSELECT identity, server \r\nFROM user_openids\r\nWHERE openid LIKE '$openid'\r\n<\/pre>\n<p>Druh\u00e1 funkce <em>save_openid_server($openid, $server, $identity)<\/em> naopak ukl\u00e1d\u00e1 dohledan\u00e9 \u00fadaje k&nbsp;OpenID:<\/p>\n<pre>\r\nINSERT INTO user_openids\r\nSET openid = '$openid',\r\n    server = '$server',\r\n    identity = '$identity'\r\n<\/pre>\n<p>V\u00fd\u0161e uveden\u00fd PHP k\u00f3d n\u00e1m zjist\u00ed server pro danou slu\u017ebu OpenID a&nbsp;p\u0159esm\u011bruje na&nbsp;n\u011bj kv\u016fli ov\u011b\u0159en\u00ed identity.<\/p>\n<h3>Zpracov\u00e1n\u00ed odpov\u011bdi od&nbsp;OpenID serveru<\/h3>\n<p>Pokud se n\u00e1m poda\u0159\u00ed ov\u011b\u0159it na\u0161\u00ed identitu na&nbsp;stran\u011b poskytovatele OpenID, budeme vyzv\u00e1ni k&nbsp;p\u0159esm\u011brov\u00e1n\u00ed zp\u011bt na&nbsp;na\u0161\u00ed str\u00e1nku. P\u0159esm\u011brov\u00e1ni budeme na&nbsp;adresu, kter\u00e1 byla zad\u00e1na p\u0159i prvn\u00edm zpracov\u00e1n\u00ed odeslan\u00fdch dat, pomoc\u00ed n\u00e1sleduj\u00edc\u00edho p\u0159\u00edkazu:<\/p>\n<pre>\r\n$openid-&gt;SetApprovedURL('http:\/\/' . $_SERVER[\"HTTP_HOST\"] . '\/prihlaseni-openid'); # URL na kterou p\u0159esm\u011brujeme zp\u011bt po \u00fasp\u011b\u0161n\u00e9m ov\u011b\u0159en\u00ed OpenID \r\n<\/pre>\n<p>Te\u010f je jen na&nbsp;\u0159ad\u011b rozpoznat odpov\u011b\u010f od&nbsp;poskytovatele OpenID a&nbsp;podle toho bu\u010f u\u017eivatele zaregistrovat, p\u0159ihl\u00e1sit nebo celou akci zam\u00edtnout. O&nbsp;v\u0161e se postar\u00e1 n\u00e1sleduj\u00edc\u00ed k\u00f3d:<\/p>\n<pre>\r\nrequire('class.openid.v2.php');\r\n\r\nif ($_GET['openid_mode'] == 'id_res') {\r\n\r\n    $openid = new OpenIDService();\r\n    $identity = $_GET['openid_identity'];\r\n    $openid-&gt;SetIdentity($identity);\r\n    $openid_validation_result = $openid-&gt;ValidateWithServer();\r\n\r\n    if ($openid_validation_result) {\r\n\r\n        $user = load_user_by_openid($identity);\r\n        if (!$user) {\r\n\r\n            $create_res = create_user_by_identity($identity, $_GET[openid_sreg_email]);\r\n            if ($create_res) {\r\n                # V\u0160E PROB\u011aHLO OK, U\u017dIVATEL BYL \u00daSP\u011a\u0160N\u011a ZAREGISTROV\u00c1N. NYN\u00cd P\u0158IHL\u00c1S\u00cdME U\u017dIVATELE (t\u0159eba do SESSION)\r\n            }\r\n            else {\r\n                # NEPODA\u0158ILO SE U\u017dIVATELE ZAREGISTROVAT\r\n            }\r\n\r\n        }\r\n        else {\r\n            # V\u0160E PROBL\u011aHLO OK, P\u0158IHL\u00c1S\u00cdME U\u017dIVATELE\r\n        }\r\n\r\n    }\r\n    else if ($openid-&gt;IsError() == true) {\r\n         # DO\u0160LO K CHYB\u011a, KTER\u00c1 BUDE POPSAN\u00c1 V N\u00c1SLEDUJ\u00cdC\u00cdCH PROM\u011aNN\u00ddCH\r\n         $error = $openid-&gt;GetError();\r\n         $error_code =  $error['code'];\r\n         $error_string = $error['description'];\r\n    }\r\n    else {\r\n         # CHYBA, NEOPR\u00c1VN\u011aN\u00c1 AUTORIZACE\r\n    }\r\n}\r\nelseif ($_GET['openid_mode'] == 'cancel') {\r\n    # CHYBA. POKUD DOSTANEME OD SERVERU TUTO ODPOV\u011a\u010e, TAK U\u017dIVATEL STORNOVAL P\u0158IHLA\u0160OVAC\u00cd PROCES\r\n}\r\n<\/pre>\n<p>I v&nbsp;tomto k\u00f3du m\u00e1m 2 pomocn\u00e9 funkce. Prvn\u00ed z&nbsp;nich je <em>load_user_by_openid($identity)<\/em>, kter\u00e1 vykon\u00e1 n\u00e1sleduj\u00edc\u00ed SQL dotaz:<\/p>\n<pre>\r\nSELECT id\r\nFROM users\r\nWHERE identity LIKE '$openid'\r\n<\/pre>\n<p>Druh\u00e1 funkce je <em>create_user_by_openid($identity, $email)<\/em>, kter\u00e1 zaregistruje nov\u00e9ho u\u017eivatele do&nbsp;datab\u00e1ze syst\u00e9mu. Provede se tedy n\u00e1sleduj\u00edc\u00ed dotaz:<\/p>\n<pre>\r\nINSERT INTO users\r\nSET email = '$email',\r\n    identity = '$identity'\r\n<\/pre>\n<p>V\u00fdsledek je tedy n\u00e1sleduj\u00edc\u00ed. Po \u00fasp\u011b\u0161n\u00e9m zpracov\u00e1n\u00ed odpov\u011bdi od&nbsp;serveru OpenID dostaneme p\u0159ihl\u00e1\u0161en\u00e9ho u\u017eivatele do&nbsp;na\u0161eho syst\u00e9mu. Pokud se jednalo o&nbsp;jeho prvn\u00ed pokus o&nbsp;p\u0159ihl\u00e1\u0161en\u00ed, tak se skript z\u00e1rove\u0148 postaral o&nbsp;novou registraci.<\/p>\n<h2>Co dodat z\u00e1v\u011brem?<\/h2>\n<p>Slu\u017eba OpenID nen\u00ed rozhodn\u011b jedin\u00fdm mo\u017en\u00fdm \u0159e\u0161en\u00edm pro snaz\u0161\u00ed p\u0159ihl\u00e1\u0161en\u00ed u\u017eivatel\u016f. Posledn\u00ed dobou se dosti roz\u0161i\u0159uje autentizace pomoc\u00ed protokolu OAuth(2). Tento druh p\u0159\u00edstupu v\u0161ak nen\u00ed p\u0159edm\u011btem tohoto \u010dl\u00e1nku, tak\u017ee se budu t\u00e9to problematice v\u011bnovat v&nbsp;n\u011bkter\u00e9m z&nbsp;m\u00fdch budouc\u00edch p\u0159\u00edsp\u011bvk\u016f.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Tento \u010dl\u00e1nek by m\u011bl v&nbsp;prv\u00e9 \u0159ad\u011b p\u0159edstavit slu\u017ebu OpenID, kter\u00e1 umo\u017e\u0148uje pou\u017e\u00edvat jeden u\u017eivatelsk\u00fd \u00fa\u010det pro v\u00edce webov\u00fdch slu\u017eeb. Zejm\u00e9na by m\u011bl pomoci v\u0161em v\u00fdvoj\u00e1\u0159\u016fm v&nbsp;programovac\u00edm jazyce PHP, kte\u0159\u00ed se rozhodli p\u0159ihla\u0161ov\u00e1n\u00ed pomoc\u00ed OpenID integrovat do&nbsp;sv\u00fdch str\u00e1nek.<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[71],"tags":[85,86,4],"class_list":["post-173","post","type-post","status-publish","format-standard","hentry","category-vyvoj","tag-autentizace","tag-openid","tag-php"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID | igloonet blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\" \/>\n<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID | igloonet blog\" \/>\n<meta property=\"og:description\" content=\"Tento \u010dl\u00e1nek by m\u011bl v&nbsp;prv\u00e9 \u0159ad\u011b p\u0159edstavit slu\u017ebu OpenID, kter\u00e1 umo\u017e\u0148uje pou\u017e\u00edvat jeden u\u017eivatelsk\u00fd \u00fa\u010det pro v\u00edce webov\u00fdch slu\u017eeb. Zejm\u00e9na by m\u011bl pomoci v\u0161em v\u00fdvoj\u00e1\u0159\u016fm v&nbsp;programovac\u00edm jazyce PHP, kte\u0159\u00ed se rozhodli p\u0159ihla\u0161ov\u00e1n\u00ed pomoc\u00ed OpenID integrovat do&nbsp;sv\u00fdch str\u00e1nek.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\" \/>\n<meta property=\"og:site_name\" content=\"igloonet blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/igloonet\" \/>\n<meta property=\"article:published_time\" content=\"2011-01-26T17:20:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2014-08-11T20:30:43+00:00\" \/>\n<meta name=\"author\" content=\"Martin Pe\u0161out\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@martinpesout\" \/>\n<meta name=\"twitter:site\" content=\"@igloonet\" \/>\n<meta name=\"twitter:label1\" content=\"Napsal(a)\" \/>\n\t<meta name=\"twitter:data1\" content=\"Martin Pe\u0161out\" \/>\n\t<meta name=\"twitter:label2\" content=\"Odhadovan\u00e1 doba \u010dten\u00ed\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minut\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\"},\"author\":{\"name\":\"Martin Pe\u0161out\",\"@id\":\"https:\/\/igloonet.cz\/blog\/#\/schema\/person\/8c731b61fb41d87a83ec347b7b85f17f\"},\"headline\":\"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID\",\"datePublished\":\"2011-01-26T17:20:04+00:00\",\"dateModified\":\"2014-08-11T20:30:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\"},\"wordCount\":1375,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/#organization\"},\"keywords\":[\"Autentizace\",\"OpenID\",\"PHP\"],\"articleSection\":[\"V\u00fdvoj\"],\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\",\"url\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\",\"name\":\"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID | igloonet blog\",\"isPartOf\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/#website\"},\"datePublished\":\"2011-01-26T17:20:04+00:00\",\"dateModified\":\"2014-08-11T20:30:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#breadcrumb\"},\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"V\u00fdvoj\",\"item\":\"https:\/\/igloonet.cz\/blog\/rubriky\/vyvoj\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/igloonet.cz\/blog\/#website\",\"url\":\"https:\/\/igloonet.cz\/blog\/\",\"name\":\"igloonet blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/igloonet.cz\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"cs\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/igloonet.cz\/blog\/#organization\",\"name\":\"igloonet\",\"url\":\"https:\/\/igloonet.cz\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/igloonet.cz\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/igloonet.cz\/blog\/wp-content\/uploads\/2015\/07\/RGB_LVPC_igloonet.png\",\"contentUrl\":\"https:\/\/igloonet.cz\/blog\/wp-content\/uploads\/2015\/07\/RGB_LVPC_igloonet.png\",\"width\":650,\"height\":465,\"caption\":\"igloonet\"},\"image\":{\"@id\":\"https:\/\/igloonet.cz\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/igloonet\",\"https:\/\/x.com\/igloonet\",\"https:\/\/instagram.com\/igloonet\/\",\"https:\/\/www.linkedin.com\/company\/igloonet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/igloonet.cz\/blog\/#\/schema\/person\/8c731b61fb41d87a83ec347b7b85f17f\",\"name\":\"Martin Pe\u0161out\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/igloonet.cz\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/032ee2fb90b35a9a451f30dac27d46caf09d97dea956a64a208abc47dfca3251?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/032ee2fb90b35a9a451f30dac27d46caf09d97dea956a64a208abc47dfca3251?s=96&d=retro&r=g\",\"caption\":\"Martin Pe\u0161out\"},\"description\":\"Jsem brn\u011bnsk\u00fd UI v\u00fdvoj\u00e1\u0159 p\u011bkn\u00e9ho frontendu. Od mali\u010dka si potrp\u00edm na detail, ale p\u0159itom kladu d\u016fraz na jednoduchost a p\u0159ehlednost. Zast\u00e1v\u00e1m n\u00e1zor, \u017ee jednodu\u0161\u0161\u00ed weby jsou ty nejkr\u00e1sn\u011bj\u0161\u00ed.\",\"sameAs\":[\"https:\/\/igloonet.cz\/vyvoj\",\"https:\/\/x.com\/martinpesout\"],\"url\":\"https:\/\/igloonet.cz\/blog\/author\/cheetah\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID | igloonet blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/","og_locale":"cs_CZ","og_type":"article","og_title":"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID | igloonet blog","og_description":"Tento \u010dl\u00e1nek by m\u011bl v&nbsp;prv\u00e9 \u0159ad\u011b p\u0159edstavit slu\u017ebu OpenID, kter\u00e1 umo\u017e\u0148uje pou\u017e\u00edvat jeden u\u017eivatelsk\u00fd \u00fa\u010det pro v\u00edce webov\u00fdch slu\u017eeb. Zejm\u00e9na by m\u011bl pomoci v\u0161em v\u00fdvoj\u00e1\u0159\u016fm v&nbsp;programovac\u00edm jazyce PHP, kte\u0159\u00ed se rozhodli p\u0159ihla\u0161ov\u00e1n\u00ed pomoc\u00ed OpenID integrovat do&nbsp;sv\u00fdch str\u00e1nek.","og_url":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/","og_site_name":"igloonet blog","article_publisher":"https:\/\/www.facebook.com\/igloonet","article_published_time":"2011-01-26T17:20:04+00:00","article_modified_time":"2014-08-11T20:30:43+00:00","author":"Martin Pe\u0161out","twitter_card":"summary_large_image","twitter_creator":"@martinpesout","twitter_site":"@igloonet","twitter_misc":{"Napsal(a)":"Martin Pe\u0161out","Odhadovan\u00e1 doba \u010dten\u00ed":"9 minut"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#article","isPartOf":{"@id":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/"},"author":{"name":"Martin Pe\u0161out","@id":"https:\/\/igloonet.cz\/blog\/#\/schema\/person\/8c731b61fb41d87a83ec347b7b85f17f"},"headline":"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID","datePublished":"2011-01-26T17:20:04+00:00","dateModified":"2014-08-11T20:30:43+00:00","mainEntityOfPage":{"@id":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/"},"wordCount":1375,"commentCount":0,"publisher":{"@id":"https:\/\/igloonet.cz\/blog\/#organization"},"keywords":["Autentizace","OpenID","PHP"],"articleSection":["V\u00fdvoj"],"inLanguage":"cs","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/","url":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/","name":"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID | igloonet blog","isPartOf":{"@id":"https:\/\/igloonet.cz\/blog\/#website"},"datePublished":"2011-01-26T17:20:04+00:00","dateModified":"2014-08-11T20:30:43+00:00","breadcrumb":{"@id":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#breadcrumb"},"inLanguage":"cs","potentialAction":[{"@type":"ReadAction","target":["https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/igloonet.cz\/blog\/autentizace-uzivatelu-pomoci-openid\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"V\u00fdvoj","item":"https:\/\/igloonet.cz\/blog\/rubriky\/vyvoj\/"},{"@type":"ListItem","position":2,"name":"Autentizace u\u017eivatel\u016f pomoc\u00ed OpenID"}]},{"@type":"WebSite","@id":"https:\/\/igloonet.cz\/blog\/#website","url":"https:\/\/igloonet.cz\/blog\/","name":"igloonet blog","description":"","publisher":{"@id":"https:\/\/igloonet.cz\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/igloonet.cz\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"cs"},{"@type":"Organization","@id":"https:\/\/igloonet.cz\/blog\/#organization","name":"igloonet","url":"https:\/\/igloonet.cz\/blog\/","logo":{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/igloonet.cz\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/igloonet.cz\/blog\/wp-content\/uploads\/2015\/07\/RGB_LVPC_igloonet.png","contentUrl":"https:\/\/igloonet.cz\/blog\/wp-content\/uploads\/2015\/07\/RGB_LVPC_igloonet.png","width":650,"height":465,"caption":"igloonet"},"image":{"@id":"https:\/\/igloonet.cz\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/igloonet","https:\/\/x.com\/igloonet","https:\/\/instagram.com\/igloonet\/","https:\/\/www.linkedin.com\/company\/igloonet"]},{"@type":"Person","@id":"https:\/\/igloonet.cz\/blog\/#\/schema\/person\/8c731b61fb41d87a83ec347b7b85f17f","name":"Martin Pe\u0161out","image":{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/igloonet.cz\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/032ee2fb90b35a9a451f30dac27d46caf09d97dea956a64a208abc47dfca3251?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/032ee2fb90b35a9a451f30dac27d46caf09d97dea956a64a208abc47dfca3251?s=96&d=retro&r=g","caption":"Martin Pe\u0161out"},"description":"Jsem brn\u011bnsk\u00fd UI v\u00fdvoj\u00e1\u0159 p\u011bkn\u00e9ho frontendu. Od mali\u010dka si potrp\u00edm na detail, ale p\u0159itom kladu d\u016fraz na jednoduchost a p\u0159ehlednost. Zast\u00e1v\u00e1m n\u00e1zor, \u017ee jednodu\u0161\u0161\u00ed weby jsou ty nejkr\u00e1sn\u011bj\u0161\u00ed.","sameAs":["https:\/\/igloonet.cz\/vyvoj","https:\/\/x.com\/martinpesout"],"url":"https:\/\/igloonet.cz\/blog\/author\/cheetah\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/posts\/173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/comments?post=173"}],"version-history":[{"count":3,"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/posts\/173\/revisions"}],"predecessor-version":[{"id":2476,"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/posts\/173\/revisions\/2476"}],"wp:attachment":[{"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/media?parent=173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/categories?post=173"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/igloonet.cz\/blog\/wp-json\/wp\/v2\/tags?post=173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}