
OpenID


Xeoncross


Well, I have spent several days working on learning the OpenID system (in PHP) and I am still wondering about some things.

 

I figured I would start with the specs for authentication version 1.1, as OpenID 2.0 is more complex. However, after reading this great getting started guide and watching some movies on YouTube and elsewhere, I started downloading APIs/scripts and looking at them.

 

These Classes have helped me the most:

http://siege.org/projects/phpMyID/

http://sux0r.cvs.sourceforge.net/sux0r/sux0r2/includes/suxOpenID.php?view=markup

 

 

http://www.phpclasses.org/browse/package/3290.html

http://wiki.guruj.net/Clamshell!Home

http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers

 

However, in OpenID 1.1 there are only FOUR functions - and they seem to be Consumer or Provider specific. This Logic flow chart shows the order that the APIs are to be called - but I am having trouble wrapping my mind around the whole thing when some of the PHP classes I download are 20 files and over 300k!

 

Why is the Spec for 1.1 so simple but the libs so complex? Can anyone map the function names to the logic flow? - that would REALLY help me! If someone could just help me get into the right way of looking at this I could finish my understanding. Kind of like back when we each needed a little help with OOP...

 

 

 


Well, this is the best I have so far as to the logic of the system.

 

 

 

 

////Consumer\\\\

//first the user enters the URL of their OpenID Provider
function no_mode()-> user enters openid url -> submit

//Next, the consumer fetches the OpenID page given by User and finds the server
function get_server()->

//then checks to see if a shared secret exists with IDP.
//If not, the consumer tries to make one with the Provider.
//(creates one, stores it, and sends it to the IDP)
function associate_mode()

//After a secret is shared - send user to IDP and wait for answer
function send_checkid()

////ID Provider\\\\

//IDP receives request for OpenID URL
//checks if user is logged in and owns the oID URL
function check_id(){

    //If user doesn't own URL
    -> Return FALSE

    //If user is not logged in
    -> Return FALSE
    -> Send user to login form

    //If user is logged in and owns ID -> ask if allow this host
    -> Return Allow Host form
    -> TRUE/FALSE

    //(return user to return_to)
}

////Consumer\\\\

//Gets response back from IDP
function receive_response() {

    //if shared secret for this server
    //verify secret using that cached secret
    -> 'WELCOME USER'

    //IF no secret
    function check_authentication() {
        //if valid
        return -> 'WELCOME USER'
        //IF false
        return -> 'Denied';
    }
}

 

 

 

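The "verify using that cached secret" branch of the outline above, written out as an added example (not code from this thread or from any of the linked libraries). The function names and sample values are constructed; it assumes the response parameters are passed with their original dotted names (PHP rewrites `openid.mode` to `openid_mode` in `$_GET`) and that the association secret is cached as raw bytes.

```php
<?php
// Added example: consumer-side check of an OpenID 1.1 id_res response
// using a cached association secret. All names and values are constructed.

// Key-value form: "field:value\n" per signed field, in openid.signed order.
function kv_token(array $p, array $fields): ?string
{
    $token = '';
    foreach ($fields as $f) {
        if (!isset($p["openid.$f"]) || !is_string($p["openid.$f"])) {
            return null; // a field listed as signed is absent
        }
        $token .= "$f:" . $p["openid.$f"] . "\n";
    }
    return $token;
}

function verify_id_res(array $p, string $handle, string $secret, string $returnTo): bool
{
    if (($p['openid.mode'] ?? '') !== 'id_res') {
        return false; // cancel or error response
    }
    // Different handle: the cached secret does not apply, so the
    // consumer has to use check_authentication instead.
    if (($p['openid.assoc_handle'] ?? '') !== $handle) {
        return false;
    }
    $fields = explode(',', (string) ($p['openid.signed'] ?? ''));
    // identity and return_to must be covered by the signature.
    if (array_diff(['identity', 'return_to'], $fields)) {
        return false;
    }
    $token = kv_token($p, $fields);
    if ($token === null || $p['openid.return_to'] !== $returnTo) {
        return false;
    }
    $expected = base64_encode(hash_hmac('sha1', $token, $secret, true));
    return hash_equals($expected, (string) ($p['openid.sig'] ?? ''));
}

// Constructed sample: sign a response as the IdP would, then alter it.
$secret = str_repeat("\x0b", 20);
$resp = ['openid.mode' => 'id_res', 'openid.assoc_handle' => 'h1',
    'openid.identity' => 'http://alice.example/', 'openid.return_to' => 'http://rp.example/done',
    'openid.signed' => 'mode,identity,return_to'];
$resp['openid.sig'] = base64_encode(hash_hmac('sha1', kv_token($resp, ['mode', 'identity', 'return_to']), $secret, true));
var_dump(verify_id_res($resp, 'h1', $secret, 'http://rp.example/done')); // response as signed
$resp['openid.identity'] = 'http://mallory.example/';
var_dump(verify_id_res($resp, 'h1', $secret, 'http://rp.example/done')); // identity changed after signing
```

OpenID 1.1 has no response nonce, so a consumer that wants replay protection has to place its own nonce in return_to and check it alongside the signature.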

  • 5 months later...

Hi, I'm the author of sux0r. Just letting you know that the OpenID 1.1 implementation is now stable. It acts both as a consumer and a provider, allowing you to easily set up your own OpenID powered site; for example, this is (one of) my OpenID URLs.

 

More info:

http://www.sux0r.org/

 

Sourcecode:

https://sourceforge.net/projects/sux0r/

 

Thanks.

 
