
“Making the startup hospitable” or “How to use OpenID on your website”

I’m sure you have come across the abbreviation OpenID more than once. It is quite possible that you have formed the opinion that this is a kind of fashionable thing, support for which is being announced by more and more popular projects. By and large, it is, but why is this technology really needed? Suppose you are an avid blogger with an account on wordpress.com, and you happen to read a post in someone else's diary and feel an overwhelming desire to leave the author a comment. But bad luck: that diary is on livejournal.com. Do you really have to register on an “enemy” blog host just to leave a comment? No. The livejournal.com login form has an inconspicuous link, "Login with OpenID". You follow this link and enter your wordpress ID (say, ivan.wordpress.com). Your “native” wordpress.com opens and, slyly squinting, asks you: “Do you want to sign in to the ‘soup-admirers' site’?” You grudgingly press “Yes; just this time”, after which you find yourself back on that ill-starred livejournal.com page with the comment form. But (!) this time you are logged in under your WordPress account. Finally, you can leave a comment. It won't be long before the next “Wow!” for OpenID is heard, this time from a livejournal.com user hurrying to answer you.

How OpenID works

OpenID is a decentralized single sign-on system. This is somewhat broader than what is stated on wordpress.com: “OpenID is an open standard that allows you to log in to other sites using your WordPress.com account” :) If you are registered with a project that, among other things, is an OpenID provider, you will be able to log in with this single account on any site that supports OpenID. It sounds great, the idea is fantastic, but a reasonable question arises: “Are there many projects that support OpenID, or is this a matter for some unpredictable future?” In principle, not a few. About 1200 sites have already announced OpenID support, and 10-15 new ones appear every day. Among these sites are many popular projects: Livejournal.com, Jyte.com, Vox.com, Wikitravel.org, Zooomr.com, Ma.gnolia.com, Movabletype, Iconbuffet.com, Basecamphq.com. There are integration modules for popular software such as Wordpress, Joomla!, Plone, Drupal, MediaWiki, CakePHP and the Symfony Framework. Microsoft and AOL have announced support for the technology. OpenID support will be implemented in Firefox 3.0.

But how do you use OpenID on your website? If you build your project on the CakePHP or Symfony framework, you only need to configure the CakePHP OpenID component or the sfOpenIDPlugin plugin, respectively. If you are not using a framework and simply want to attract users by being accommodating about registration on your project (perhaps a startup), the easiest way is to use the small library Simple OpenID PHP Class. The downloadable package contains, besides the library, an example script that shows in an accessible form how to authorize a user by means of the OpenID protocol. The only trouble you may encounter is that this library uses the functions of the PHP libcurl extension. That is, if your PHP is built with the --with-curl option, everything is fine. Otherwise, using this library is hardly possible. The author of the library had to use these specific functions, where more traditional HTTP request methods would otherwise have sufficed, because many OpenID providers require an SSL connection.

If you are more serious and intend to implement full user account management in your project, relying on popular solutions such as OpenID, LID (Light Weight Identity) and Yadis, use the NetMesh InfoGrid LID PHP library. The PHP OpenID library is also worth a look. However, in this case, you need the console PEAR installer.

In conclusion, it must be said that there are a number of complaints against OpenID regarding security vulnerabilities. In my opinion, the need to read a complete HTML page for the subsequent analysis of microformat tags is also extremely inefficient (in the OpenID 2.0 specification, an XRDS document or a Yadis document is requested). I would like to use REST, but on this account there are some doubts. However, OpenID is the case when a great idea still works. So, personally, I will be glad if I can use my OpenID account on the new, promising, original project that you have assembled.
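The HTML-based discovery step criticized above, as an added example (not code from the article or from Simple OpenID PHP Class): the relying party reads the user's identity page and extracts the OpenID 1.1 and 2.0 link relations from its head. The function names, the placeholder provider openid.example and the sample page are assumptions made for illustration; because the page is user-controlled input, only absolute http(s) endpoints are accepted, so the relative openid2.local_id value in the sample is dropped.

```php
<?php
// Added example, not from the article or from Simple OpenID PHP Class.
/** Accept only absolute http(s) URLs: the identity page is user-controlled input. */
function is_acceptable_endpoint(string $url): bool
{
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    $host   = parse_url($url, PHP_URL_HOST);
    return in_array($scheme, ['http', 'https'], true) && is_string($host) && $host !== '';
}

/** Return rel => href for the OpenID 1.1 / 2.0 link relations found in <head>. */
function discover_openid_links(string $html): array
{
    $wanted = ['openid.server', 'openid.delegate', 'openid2.provider', 'openid2.local_id'];
    $found  = [];
    if (trim($html) === '') {
        return $found;                        // DOMDocument::loadHTML rejects empty input
    }
    $previous = libxml_use_internal_errors(true);   // real pages are rarely valid HTML
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    $head = $doc->getElementsByTagName('head')->item(0);
    if ($head === null) {
        return $found;
    }
    foreach ($head->getElementsByTagName('link') as $link) {
        // rel is a space-separated token list, e.g. "openid2.provider openid.server"
        $rels = preg_split('/\s+/', strtolower($link->getAttribute('rel')), -1, PREG_SPLIT_NO_EMPTY);
        $href = trim($link->getAttribute('href'));
        foreach (array_intersect($wanted, $rels) as $rel) {
            if (!isset($found[$rel]) && is_acceptable_endpoint($href)) {
                $found[$rel] = $href;         // first valid occurrence wins
            }
        }
    }
    return $found;
}

// Constructed sample page; openid.example is a placeholder provider.
$page = <<<HTML
<html><head><title>ivan</title>
<link rel="openid2.provider openid.server" href="https://openid.example/server">
<link rel="openid.delegate" href="http://ivan.wordpress.com/">
<link rel="openid2.local_id" href="ivan">
</head><body>...</body></html>
HTML;
print_r(discover_openid_links($page));
```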

Original article in PDF

PS The current version of Simple OpenID PHP Class incorrectly handles LJ users. Remedy: add the following test to the beginning of the CURL_Request() function (class.openid.php):
if (isset($params["openid.mode"])) $method = "POST";

Source: https://habr.com/ru/post/12292/

