Archive for July, 2007
Yes, my OpenID 2.0 PHP5 Consumer has finally been proposed to PEAR. This brings the OpenID fanaticism on PEAR to four packages:
It’s been quite the thrill ride, and my thanks go out to the PEAR guys who’ve put up with the proposal flood over the last few weeks, and drawn attention to some of the weaker spots in the source code.
My attention, for now, will remain on getting the OpenID 2.0 Consumer further up to par. This will see the completion of Nonce validation (a required anti-replay attack preventative), error reporting which is more consistent, and adding support for a few other operation modes, like check_immediate. I also really want to get documentation committed as soon as possible since it’s a PITA using a library in its absence.
For those unfamliar with OpenID, and who want a quick overview, David Recordon and Simon Willison gave an OpenID Bootcamp tutorial at OSCON on Wednesday. Here ya go:
Just a quick update on the PHP OpenID 2.0 library being proposed to PEAR. The library is a PHP5 implementation of the OpenID 2.0 Authentication Specification. It’s currently only including a Consumer (so you can build OpenID authentication into websites) but a Server is already in the works for later.
Over the weekend, a set of changes were put through to patch some last instability issues:
- OpenID 1.1 support finalised
- Unencrypted associations (for those using SSL) now implemented
- HTML Discovery (required for OpenID 1.1 only servers) now implemented
- OpenID Extension support for SREG updated to patch a bug which malformed Extension keys
- All HTML parsing is now performed using DOMDocument, rather than ugly PCRE hacks!
- Data validation forms extended somewhat to cover edge cases, and also to support unencrypted response data
There are still a few more edge cases to work through, and error responses need to made more interactive (so users can access OpenID error messages from the Server), but nearly all the core pieces are finally coming together. If you are inclined to test out the alpha code, you can checkout the source from subversion at:
My last blog entry offered a quick example authentication script to get you started off. It also offers instructions for installing the related PEAR packages or source code required to support OpenID 2.0 (Services_Yadis, Crypt_DiffieHellman and Crypt_HMAC2).
A mailing list for those wishing to request support, or provide feedback/help is available from http://www.openidforphp.org, which will eventually offer OpenID library support and downloads of standalone packages. Of course the preferred install method will be PEAR! And the site will be supplementary to future PEAR/PEAR2 support options.