PHP-based OpenID Server code

We encourage users to post events happening in the community to the community events group on https://www.drupal.org.
Boris Mann's picture
Posted by Boris Mann on July 31, 2006 at 6:59pm

Here are links to various server PHP code with some notes:

Videntity - http://videntity.org/openid/

PHP OpenID is intended to run on any version of PHP >= 4.1.0, although I have only tested it with PHP5 and PHP4.4 on gentoo. If you encounter problems running with other versions, please let me know. Great care has been taken to use PHP extensions when available and to provide fallback routines in case the extension is not present. These fallback routines are often slower and may not be as secure or "rock-solid". For production use of the library, I recommend installation of these extensions: gmp, mhash, curl, and tidy2. PHP OpenID does not use or require PEAR.

Notes: license is LGPL

janRain - http://www.openidenabled.com/openid/libraries/php

Notes: can't find license. Uses PEAR, probably not appropriate.

TaraL - http://taral.livejournal.com/147710.html

Notes: no license, random code on a livejournal page...probably best to stay away from.

Categories: , ,

Comments

Another source of code

Posted by bonobo on July 31, 2006 at 8:59pm
bonobo's picture

Also from openidenabled.com:

http://www.openidenabled.com/openid/php-standalone-openid-server/

This is a downloadable openid server, written in php

FunnyMonkey

I linked to the libraries

Posted by Boris Mann on August 1, 2006 at 3:46am
Boris Mann's picture

I linked to the libraries that this is based on. Same comments---PEAR-based, will need to be refactored.

some research

Posted by moshe weitzman on July 31, 2006 at 9:27pm
moshe weitzman's picture

i downloaded the videntity library and played some. OpenID looks nice and simple, but somehow these implementations are crazy big compared to current distrubuted auth. i expect a bit of bloat, but this borders on unacceptable for core, IMO.

i agree with Dries that we probably have to write a native client/server, which will be quite some work.

i'm hoping that someone else disagrees or can shed light on this.

Propted by the recent OpenID

Posted by rkerr on August 4, 2006 at 1:41pm
rkerr's picture

Propted by the recent OpenID bounty program, and a project here at Standard getting kicked back into gear, I started reading over the through the OpenID 2.0 draft yesterday. I haven't looked at any of the existing php implementations, and based on people's feedback so far I probably won't bother .. and will write up the module based only on the specs.

The only "big" parts of OpenID 2 seem to be xml parsing and the encryption steps, but even with that I think it can be done without any rediculous bloat or dependance on multiple external libraries.

Great

Posted by Boris Mann on August 5, 2006 at 8:44pm
Boris Mann's picture

If we need an interim place to stick code, we can get accounts for folks at svn.bryght.com/dev. Let's try and rev lots in the open so people can jump in and contribute.