PHP implementation of IdP discovery based OpenID?

Question

Google have a very nice user friendly federated OpenID login with automagic endpoint discovery:

• http://www.puffypoodles.com/lso2

This is implemented in Java Servlets, is there a PHP equivalent that can be used in conjunction with php-openid?

The discovery mechanism, XRDS, is covered in the following document:

• groups.google.com/group/google-federated-login-api/web/openid-discovery-for-hosted-domains

It would appear something like "DiSo's XRDS-Simple" should work but basic testing doesn't provide useful results.

• code.google.com/p/diso/

Thanks,

Answer 1

Ok I found it's relatively straightforward to modify the XRDS-Simple implementation to support Google's Host-Meta discovery mechanism. The caveat being this is an experimental discovery mechanism within Google's namespace and should change sometime later to something more suitable for a globally independent system.

Patch for XRDS-Simple:

• http://pastebin.com/f428fac98

Example usage for finding Identity URL to feed into PHP-OpenID:

<?php

require_once 'XRDS.php';
require_once 'XRDS/Discovery.php';

$domain = 'google.com';

$disco = new XRDS_Discovery();
$disco->discovery_methods = array('XRDS_Discovery_Host_Meta');
$xrds = $disco->discover('https://www.google.com/accounts/o8/.well-known/host-meta?hd=' . $domain);

$xrd = $xrds->xrd[0];
$identityUri = $xrd->service[1]->uri[0]->uri;

if (0 == strcmp($xrd->canonicalId, $domain)) {
    echo "identity uri: $identityUri\n\n";
} else {
    echo "discovery failed.\n\n";
}

?>