7

I want to try to use open id as login system on the site that I am going to make. I've check out this site, and I'm not pretty sure how this all works and how to make it work. http://remysharp.com/2007/12/21/how-to-integrate-openid-as-your-login-system/

What is clear right now is that open id uses urls instead of passwords. Can you give me some links to help me get started with this, Do I need to know advanced php to make this work for me. I only know the basics of php.

Wern Ancheta
  • 22,397
  • 38
  • 100
  • 139
  • Our very own StackOverflow uses OpenID. Also, OID libraries exist for most languages and frameworks. But it's pretty straightforward. In order to log somebody in with their OpenID, you redirect to a site specified by the OID and if that site can verify the user's identity, it'll give you a secret to use. That secret works like the password to the username that is the OID. So it's every bit as secure, or more so, but you pass off the user authentication to the issuing site. – Robert Dec 16 '10 at 10:10
  • possible duplicate of http://stackoverflow.com/questions/42407/how-do-i-implement-openid-in-my-web-application – Sandeepan Nath Dec 16 '10 at 10:16

2 Answers2

11

Thanks to some other comment on Stackoverflow.com I came to learn about LightOpenId. It is really easy to use.

The example code just works(without any configuration):

<?php
require 'openid.php';
try {
    $openid = new LightOpenID;
    if(!$openid->mode) {
        if(isset($_POST['openid_identifier'])) {
            $openid->identity = $_POST['openid_identifier'];
            header('Location: ' . $openid->authUrl());
        }
?>
<form action="" method="post">
    OpenID: <input type="text" name="openid_identifier" /> <button>Submit</button>
</form>
<?php
    } elseif($openid->mode == 'cancel') {
        echo 'User has canceled authentication!';
    } else {
        echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.';
    }
} catch(ErrorException $e) {
    echo $e->getMessage();
}

Using google as openid provider.

<?php
# Logging in with Google accounts requires setting special identity, so this example shows how to do it.
require 'openid.php';
try {
    $openid = new LightOpenID;
    if(!$openid->mode) {
        if(isset($_GET['login'])) {
            $openid->identity = 'https://www.google.com/accounts/o8/id';
            header('Location: ' . $openid->authUrl());
        }
?>
<form action="?login" method="post">
    <button>Login with Google</button>
</form>
<?php
    } elseif($openid->mode == 'cancel') {
        echo 'User has canceled authentication!';
    } else {
        echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.';
    }
} catch(ErrorException $e) {
    echo $e->getMessage();
}
Community
  • 1
  • 1
Alfred
  • 60,935
  • 33
  • 147
  • 186
  • the button does nothing :) It should be an input with type="submit" :) but again I have never but only one button in a form, so maybe im wrong, if i am please correct me, i don't see how that could be wrong though.. – JamesM-SiteGen Jan 15 '11 at 10:00
  • This just works. It is just copied from the examples => http://gitorious.org/lightopenid/lightopenid/blobs/master/example-google.php for quicker access. – Alfred Jan 15 '11 at 10:07
3

You can use the PHP OpenID library here or for PHP 4 here

Greg
  • 21,235
  • 17
  • 84
  • 107