tags:

views:

171

answers:

2
+3  Q: 

OpenID provider library recommendations for PHP

Our PHP site uses a home-grown forms auth implementation. We're considering making our site into an OpenID provider so that we can authenticate (using our exisitng user accounts) users on a StackExchange site. If we have to add code or UI to our login form or add fields to our database, that's fine-- we just don't want to have to rip out what we have and replace it all in order to get OpenID provider support.

There are several libraries for PHP linked on the OpenID website. Anyone have experience with using any of these libraries to adding OpenID provider capability to a PHP site, and if so which is your favorite and why? Are there particular libraries you would stay away from, and if so, why?

+1  A: 

Start with browsing through the official OpenID developer website @ http://openid.net/add-openid/become-a-provider/

There, it gives you three options:

  • Outsource to a third-party provider
  • Use an existing library or plugin
  • Read the specs and OpenID yourself

Option 1 may not be the one you would aiming for, since you want your site to be a provider as you have hinted above.

Option 3 is ok if you have the time and capacity to implement it. Try going through http://openid.net/specs/openid-authentication-2_0.html and see if your development team can stomach that.

Finally, there's option 2, which I think the best choice. There are enough choices of PHP libraries listed in http://openid.net/developers/libraries/#php . I imagine it would be easy to use one of these libraries to extend your existing authentication mechanism to provide OpenID authentication service but I can't be sure as I have not tried any of them yet.

Good luck and godspeed!

Lukman  2010-01-13 04:02:51
Hah, serves me right for trusting Google's results. Google pointed me to http://wiki.openid.net/Run-your-own-identity-server which shows a few UI-focused options when I was looking for bare libraries. I'm admittedly looking for someone's real-world experiences and feedback from using those libraries, but thanks much for pointing me to that libraries list since it's a step in the right direction!
Justin Grant  2010-01-13 06:30:05
+2  A: 

Well, most of the options listed on that page don't have provider support, so I think your options come down to OpenID Enabled's php-openid or Zend_OpenId. I'm partial to the openidenabled libraries myself, but then again, I was on the team that wrote them. php-openid is generally compatible with a wider range of PHP versions, and its test coverage is pretty extensive.

I don't really know much about the Zend offering, but it might be appropriate if you're fortunate enough to not need PHP 4 compatibility and like that framework thing they do.

keturn  2010-01-22 08:48:10

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases