tags:

views:

2401

answers:

10
+4  Q: 

Janrain's PHP-OpenID and Google/Yahoo

I'm using Janrain's PHP-OpenID 2.1.3, and I've managed to get it working with all the providers I have tried except for Google and Yahoo. The major difference here seems to be that Google and Yahoo, unlike most other providers, don't use a user-specific URL, but rather have the user discovery framework all on their end - which throws the default Janrain framework for a loop then it tries to begin the auth request.

From what I've seen it looks like it's probably the YADIS discovery that is throwing the error, which should be able to be bypassed since the discovery is on Google or Yahoo's end, but I'm not sure. This is all a big informal learning experience for me, and I haven't had any luck finding documentation that can help me on this one. Any tips would be greatly appreciated.

Edit: the specific problem I am having is that when the begin() function is called for the Google or Yahoo URL, I get a null return. This function is found in Auth/OpenID/Consumer.php for reference.

+1  A: 

This library should work with Yahoo and Google just fine. You can see the online demo for this library and try it out yourself using "yahoo.com" or "https://www.google.com/accounts/o8/id" to test it out against these two OPs.

Google has along identifier to type in because they're still in beta and haven't pushed their OP Identifier to be just "google.com" yet.

Andrew Arnott  2009-06-15 15:33:18
A: 

I downloaded the latest libraries and I get the same failed results when using Yahoo!. I did not try Google.

If I try to use http://www.yahoo.com I get an error saying authorization failed, but it returns my correct me.yahoo.com url. If I try to login using my me.yahoo.com url then I get an error saying to enter a valid OpenID url.

Ninjaz  2009-06-21 22:17:38
I'm not having this problem anymore.... I'm not sure what I did differently besides using "$openid = $response->getDisplayIdentifier()" to get the URL for saving to the database. I don't see how this could have fixed the issue of the yahoo.com and google.com not working properly, but after making just that change my OpenID authenticates everything properly.
Ninjaz  2009-06-24 13:00:18
A: 

Another potential difference is that Google and Yahoo use HTTPS and if your PHP or SSL installation is misconfigured (perhaps missing CA certs) then your OpenID code will fail to establish an association or complete the check_authentication call.

But without error messages or logs, I can't really tell what type of failure you're looking at.

keturn  2009-06-22 00:01:39
The "error" I am getting is simply that the begin() function in Consumer.php isn't returning anything. The line:$auth_request = $consumer->begin($openid);leaves $auth_request NULL when I am trying to use Google or Yahoo. I have no problems with Yahoo when I go through Flickr, as it still uses the older way of discovery - this leads me to believe my SSL installation is not the problem.
Dan G.  2009-06-22 22:11:32
+1  A: 

Are you using the example RP? Can I suggest you submit a detailed bug at http://trac.openidenabled.com/trac/newticket?project=php-openid or a detailed enquiry via the mailing list.

The immediate_mode support indeed does work the libraries if implemented correctly. I (and others) would also be happy to help you on the OpenID IRC channel irc.reenode.net in #openid. My nickname is flaccid.

 2009-06-23 11:31:25
+1  A: 

I agree on the certificate part - for me installing the ca-certificates package (on debian like systems: apt-get install ca-certificates ) and a webserver restart solved the google/yahoo issue. Not my idea, but instead suggested on stackoverflow :-)

Flim  2009-06-30 22:02:26
+1  A: 

It's because you don't have curl support enabled enabled in php. Without this, it can't get https content. At least, that's what I discovered. When I tried to get yahoo or google, it failed with an error message "Authentication error; not a valid OpenID," but when I enable php_curl, it works properly.

FryGuy  2009-06-30 22:05:24
That is not the problem. I have curl enabled and still doesn't work...
miguelSantirso  2009-09-12 12:24:13
+1  A: 

Make sure your server has curl with https protocol enabled. This solved it for me.

see this thread.

Here is a quick script to test it out. Upload on your server then acccess it via your browser.

<?php
error_reporting(E_ALL);
// create curl resource
$myurl = 'https://&lt;YOURACCOUNT&gt;.myopenid.com';
$curl_handle=curl_init();
curl_setopt($curl_handle,CURLOPT_URL, $myurl);
curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1);
$buffer = curl_exec($curl_handle);


if (empty($buffer))
{
    print "Sorry, cannot access $myurl .<p>". curl_error($curl_handle);
}
else
{
    print $buffer;
}

curl_close($curl_handle);


?>

If it returns " Protocol https not supported or disabled in libcurl" then you know what to do.

I tried it using my gmail account and it works but it leads to a 301 permanent rediret, which makes sense.

pixeline  2009-09-28 14:35:29
+5  A: 

Ok, I finally got to fix the library... I explained everything here (you can also download the php-openid library after my changes).

I needed to do what Paul Tarjan suggested but, also, I needed to modify the Auth_OpenID_detectMathLibrary and add the static keyword to a lot of functions. After that It seems to work perfectly although it is not an ideal solution... I think that someone should rewrite the whole library in PHP 5...

miguelSantirso  2009-10-05 17:13:10
You're my hero, sir.
Dan G.  2009-10-12 15:46:45
A: 

do we need ssl enabled site for google openid?

abhishek jindal  2009-11-02 17:58:57
Because this site is in Question/Answer format, rather than being an open discussion forum, you should probably post this as a new question in its own right rather than an answer to someone else's question. Otherwise people will either down-vote it or simply ignore it.
Andrew Swan  2009-11-22 23:42:00
+5  A: 

I had the same problem on Windows XP. Fixed by activating curl extension. To do this uncomment in php.ini the line 

extension=php_curl.dll

by removing the ; in front of it if any. Restart apache.

Also on windows to work properly you need to define Auth_OpenID_RAND_SOURCE as null since in windows you don't have a random source. You can do this by adding the line 

define('Auth_OpenID_RAND_SOURCE', null);

in CryptUtil.php before the first code line 

if(!defined('Auth_OpenID_RAND_SOURCE')){

Even if the curl is not enabled the API should work by using instead the Auth_Yadis_PlainHTTPFetcher to communicat via HTTP. In the case of Google and Yahoo you need https, so it only works if open_ssl is enabled (Auth_Yadis_PlainHTTPFetcher::supportsSSL must return true).

Andrei Bica  2010-04-07 20:04:57

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases