Sam Ruby: phpMyId 0.7

phpMyId 0.7

Wed 05 Dec 2007 at 17:11

Since I last looked at phpMyId, it has progressed from version 0.3 to version 0.7. A number of changes occurred.

For starters, the code has been split into two files, MyID.config.php and MyID.php. The idea is that the former is the only file a typical user would need to modify. I just don’t happen to be a typical user. :-)
Decrufting is still possible, simply rename MyID.config.php to index.php, and add a line to the $GLOBALS['profile'] section like this one:
```
'idp_url' =>  'http://intertwingly.net/id/'
```
With this version of phpMyId, the server and delegate URIs must match, so if you use traditional autodiscovery approach, both the openid.server and openid.delegate links will need to be present. In the YADIS file, simply make the openid:Delegate and URI elements match.
I briefly looked into adding a delegate_for profile option, whose value would be a regular expression of URIs that this service would vouch for. Unfortunately, this would require that the code base be more careful about keeping these two values separate. As I still have my 0.3-based identity around, I simply have the autodiscovery link point to my 0.3 identify (for old clients), and have my YADIS file point to my 0.7-based identify (for new clients).

The most significant change was that this codebase uses HTML based refreshes in place of HTTP redirects in more places. The HTML page itself is hardcoded, spartan, and (to my tastes) unnecessarily distracting when used in the normal flow of a successful login. I made the following changes to my copy to address this:

In wrap_location:

function wrap_location ($url, $keys = array()) {
    $keys = append_openid($keys);
    debug($keys, 'Location keys');

    $q = strpos($url, '?') ? '&' : '?';
    if (empty($keys)) $q = '';
    header('Location: ' . $url . $q . http_build_query($keys));
    debug('Location: ' . $url . $q . http_build_query($keys));
    exit(0);
}

In authorize_mode:

// return to the refresh url if they get in
wrap_location($_SESSION['post_auth_url']);

In checkid:

// $q = strpos($profile['idp_url'], '?') ? '&' : '?';
// wrap_refresh($profile['idp_url'] . $q . 'openid.mode=authorize');
wrap_location($profile['idp_url'], array('mode' => 'authorize'));

PHPMyID rocks

30 minutes from ssh-ing into my server to having my own (decrufted) OpenID. Many thanks to PHPMyID, Sam Ruby and openidenabled.com....

Excerpt from philwilson.org at 21:15

What a great update. Thanks, Sam. By the way, I checked phpMyID’s website and it seems it’s on version 0.8. Will your changes work in this version?

Thanks again.

Posted by anonymous at 17:11

Just testing if it works with version 0.8

Posted by anonymous at 17:21

How come my name doesn’t appear here whenever I use my OpenID enabled site? Hmmm

Posted by anonymous at 17:25

Just another test. Please feel free to delete this comment and others. Thanks.

Posted by anonymous at 17:39

Now all it needs is OpenID 2.0 support :)

I guess phpMyId will need to grow some more permanent storage capabilities if it gets extended to support Attribute Exchange.

Posted by James Henstridge at 08:19

links for 2007-12-30

White House Custom Colour - Professional Photographic Lab and Press Printer (tags: printing digital photography prints) jsdoc-toolkit (tags: javascript documentation tools javadoc) Sam Ruby: phpMyId 0.7 (tags: php OpenID provider)......

Excerpt from Full Speed at 10:15

TEST

Posted by Esa Indra at 22:33

An OpenID, via Wordpress/phpMyId, on Dreamhost

Returning to this venue, after long hiatus: hi! Today’s topic: So You Want To Get You One Of Them OpenIDs. And, you’re the sort of rugged DIY nerdo who hosts his own sites; and, you’re the sort of cheapskate who uses Dreamhost to...

Excerpt from Andy Boyko says things to you at 05:46

phpMyID

phpMyID is a “single user (though, if you were so inclined, you could easily turn it into a multi-user setup) IdP, or Identity Provider for the OpenID framework.” Just been updated to version 0.7. [ via full-speed ] Copyright © 2007 -...

Excerpt from David Bisset: Web Designer, Coder, Wordpress Guru at 15:45

links for 2007-12-30

Excerpt from Full Speed at 07:45

Links for 2008-01-24

gmail-greasemonkey – Google Code—Various Greasemonkey scripts that enhance Gmail (Tagged: code extensions firefox google javascript productivity greas greasemonkey gmail scripts). Alpine Messaging System—UW Alpine Information...

Excerpt from mitch's meanderings at 12:46

I had been flirting with setting up an OpenID for a while, and finally got around to it--thanks for the guidance. One thing about decrufting: I had to use the .htaccess files with my hosting, so instead of renaming anything, I just added

DefaultView MyID.config.php

to the .htacces file. How do you like YADIS? There are weakness to your Mod_Rewrite rules for it: you should set the Vary: Accept header, and what if, for some reason, Web browsers add application/xrds+xml to their accept headers?

Posted by Ryan Cannon at 09:03

Does this work now? I keep getting alternating pass and fail lines.

Posted by Eric Swanson at 02:32

OpenID

As I have been spending all day investigating all the different ways of securing a Web API (oAuth mainly) and all kind of user authentications (WSSE, AuthSub, OpenID), I decided to try out OpenID (especially since Yahoo announced their support and...

Excerpt from Plutinosoft at 03:47

testing my open id

Posted by anonymous at 16:27

Sam Ruby: phpMyId 0.7

[link]...

Excerpt from del.icio.us/tag/openid at 01:15

Testing

Posted by Trent at 17:10

hooray for personal openid servers

Posted by also testing at 02:49

And testing again because I fail.

Posted by anonymous at 03:36

phpMyID is great. I just need to modify it to use my website’s user database :P

Posted by NTICompass at 15:12

This worked great up until phpMyID 0.9 (current). Has anyone else had any trouble? My yadis.rdf file doesn’t seem to be redirecting anymore, but maybe I’m doing something wrong?

Posted by Ryan Riley at 03:08

Thank you for this good tool. I have tested today. It’s easy to install and configure. I found a good article at [link]
And it’s not a spam of course

Posted by Wilfried at 21:35

Hi,

all’s great excepted the fact that we seem have to close the browser to be really logged out.
Thanks in all cases for the post.
;)

Posted by xion.luhnis at 15:07

The link to this page from “http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers” should be written with an enhanced font because you might miss when reading quickly.

I think that it’s not a problem having only one entry in the yadis.xrdf file that lists only my own openid ?

P.S. Thanks for phpMyID (by writing this post I’ll see if it works :))

Posted by Gamester at 13:24

Thanks for the tips--I got it working in no time.

Posted by Nathan Oliver at 07:50

I just upgraded from 0.3 to the latest version. It still works like a charm!

Posted by Hank at 16:54

testing phpMyID. Thanks for the useful info on phpMyID :)

Posted by Pradeep at 17:39

testing :)

Posted by anonymous at 03:24

Name:

E-mail:

URI:

Comment:

Remember info?

intertwingly

phpMyId 0.7

Thu 06 Dec 2007

PHPMyID rocks

Wed 12 Dec 2007

Thu 13 Dec 2007

Sun 30 Dec 2007

links for 2007-12-30

Tue 01 Jan 2008

Wed 16 Jan 2008

An OpenID, via Wordpress/phpMyId, on Dreamhost

phpMyID

Wed 23 Jan 2008

links for 2007-12-30

Fri 25 Jan 2008

Links for 2008-01-24

Wed 30 Jan 2008

Sun 02 Mar 2008

Fri 07 Mar 2008

OpenID

Wed 26 Mar 2008

Sam Ruby: phpMyId 0.7

Sun 27 Apr 2008

Tue 13 May 2008

Wed 14 May 2008

Tue 20 May 2008

Sat 28 Jun 2008

Fri 03 Oct 2008

Thu 08 Jan 2009

Sun 22 Feb 2009

Wed 01 Apr 2009

Sat 13 Jun 2009

Add your comment