|
Provider
IntroductionThe LightOpenIDProvider class is an OpenID Provider implementation. It requires PHP >= 5.1.2, or >= 5 with Hash extension. Also, if you aren't running it over https and want to support associations (not required, however recommended), you must have GMP or BCMath extensions. GMP is faster, and is used if available. UsageThe class has to be extended in order to use it -- it offers no predefined interface. Functions to implementRequired
Optional
Single userThe example.php file contains an single-user implementation that you can use as a simple replacement for phpMyID. It uses HTTP authentication and doesn't support SREG or AX extensions. To use it from another url, just include 'example.php'; at the top of it. The script shouldn't interfere with your page until someone tries to authenticate with OpenID. Multiple usersexample-mysql.php shows how to use mysql database to provide identities. You can integrate the provider into your website based on that example. select_idIf you set $select_id flag in the provider, it will return a different XRDS document, stating that:
Because of 2., you can't set select_id on user's identity urls. If you do, most clients will return an error during verification. Also, remember to set $xrdsLocation for the identity urls, so that select_id can be disabled there too. |
can you provide download link for the LightOpenIDProvider class?
The code is at https://gitorious.org/lightopenid/lightopenid/trees/master/provider
yes.,i got it but i don't how to implement...i mean how to set up the server?
Hi, thanks for attempting a simple and clean implementation. Its really appreciated.
I only understand the sreg vs AX stuff in my clearest moments, and I am having trouble understanding how you respond to requests for those, and how you set sreg vs AX vs both etc etc.
Also I am not sure what you mean "function must not interact with user" regarding check_id. Obviously you are still able to get into the SESSION, POST and GET b/c your examples do not work without them.
It would be much easier to sort out the mysql example if you were not using serialized data in the mysql table. That makes it really hard to sort out what is going on.
Rather than working to make the mysql system "better" how about making something both simpler and all static?
How about a server with three users, defined in code using a big php array, that has values for all of the sreg / AX data statically defined?
Then, if you could, simply print what was "required" and "optional". I am using stackoverflow.com for testing and they send me nothing at all, but I would like to send them back email, phone address, names etc etc etc
When I doing client stuff with OpenID, all of the providers simply ignore what I request and while I think that is bad form, I understand the rational (some providers even ask the user what to send, which is more reasonable). For the purposes of learning to use your code and testing it, it would be nice to just see how you send everything, attribute wise....
Thanks for an awesome project.