Is Google the only OpenID provider that requires "identifier_select"?

I am developing an OpenID consumer in PHP and am using the fantastic LightOpenID library (http://gitorious.org/lightopenid). Basing my code off of that found in the example client script I have successfully created a consumer. However, I've run across a snag: Google requires the openid.identity and openid.claimed_id to be set to "http://specs.openid.net/auth/2.0/identifier_select" (see here). If I do that it works but other providers (i.e. AOL) don't.

Here are my questions:

Is Google a corner case –– is it the only OpenID provider where identifier_select is required, contrary to the OpenID specs?
Is there a shortcoming in the LightOpenID library?
Is my understanding of how OpenID works incorrect?
If Google is not the only provider that requires identifier_select are there a finite number of them which I'll just hardcode in, or is there someway to determine this through the OpenID spec?

I'm new to the internals of OpenID so I wouldn't be surprised if this is a dumb question. I haven't been able to find any info on this subject after scouring the Internet.

Is there any way to detect that the provider requires Directed Identity before redirecting the user?I can hardcode support for Yahoo and Google but I've still got my hopes up looking for a more flexible solution. There's probably something in the OpenID specs that I'm missing, something obvious.

Skrat 2010-06-10 21:57:10

Unlike OpenID 1.0, you have to do some provisioning work for OpenID 2.0 provider. For example, you need to plaster your site with NASCAR logos because you can't expect users know what's that OpenID 2.0 URL is. You can just add a flag to your site configuration for this.

ZZ Coder 2010-06-10 23:15:48

Looks like I'll just have to extend the library (LightOpenID). The two popular PHP OpenID libraries (the Zend component and JanRain's PHP-OpenID) offer more flexibility than I need and don't have as nice of an interface as LightOpenID does. Wish me luck!

Skrat 2010-06-11 13:53:45

I think the majority support directed identity, including myopenid and yahoo.

Artefacto 2010-06-13 13:06:02

Artefacto, I think you're confusing directed identity with identifier_select, which are different things. Identifier_select is the OP Identifier-initiated OpenID experience where the user doesn't have to know his own identifier. "Directed identity" is where the OP provides a pairwise unique identifier for each RP the user logs into. Yahoo for example supports identifier_select, but *not* directed identity.

Andrew Arnott 2010-06-13 14:49:59

Mewp, thanks for the update to your library that you pushed only a couple days ago. Now the use of "identifier_select" is automatic (i.e. built into the discovery process) which means use of LightOpenID will function the same way for all providers.Thanks again, keep up the great work. I love your library, such clean (read 'readable') code is rare.

Skrat 2010-06-22 18:34:10

@Mewp: I've just fallen into the OpenID seduction, I just wanted to say that I absolutely love your class. I'm still pretty green to the OpenID concept I've spent all night reading about it but I can't still quite understand the AXs and SREGs - but tomorrow is another day! Also, would you mind if I tried to fork your code and release it as part of my OSS project (http://sf.net/projects/phunction/), also MIT licensed?

Alix Axel 2010-07-14 07:08:19

@Alix Axel: Since your project is MIT licensed, you surely know that the license allows it. In other words: of course you can, as long as you don't claim you wrote it. Also, you don't have to understand in depth how SREG/AX works. It's just a method of fetching additional information about an user, and you can mark it as otional or required. The only thing you need to know is AX field names, which can be found at http://www.axschema.org/types/. If you have any additional questions, just message me.

Mewp 2010-07-15 22:11:28

ansaurus

tags:

views:

answers:

Is Google the only OpenID provider that requires "identifier_select"?

related questions