New OpenID PHP Server backend
Norman Rasmussen
norman at rasmussen.co.za
Sat Dec 2 03:16:58 PST 2006
On 11/14/06, Bruce Wang <number5 at gmail.com> wrote:
> I like the idea of integration of OpenID and XMPP, it's cool.
> Where I can find your code for curiosity and hacking? If it it open source.
For those interested, here's a patch [1] to use XMPP as a backing
store for the example PHP server.
It's still alpha quality, but it enables you to set up an OpenID
provider that will use XMPP XEP-0070 as the authentication backing
store. (User accounts, and aliases, etc are disabled for this
purpose).
I am running a copy at http://openid.xmpp.za.net/ (using
openid at zelus.informationlogistics.co.za as the backend JID). The
gmail connection is flaky so it probably won't work for gmail
accounts.
The XEP-0070 handler could do with some updates, specifically the
'from address' of the reply needs to be checked. I also added
xmpp_parameters in the config, and I think I could just use
auth_parameters (not 100% sure). I also made a copy of the index.php
just for serve purposes (server.php), iirc this was because .htaccess
was acting up. With a bit more tweaking this could probably be folded
back into index.php.
I've also added a config option for ALLOW_USER_LOGIN and
ALLOW_USER_TRUST. Descriptions are in config.php. It should be noted
that because ALLOW_USER_TRUST is false, I work around the "Setup
Needed for checkid_immediate" test failure that the openid test
harness [2] revealed in the original code.
[1] http://www.darkskies.za.net/~norman/jabber/OpenID-PHP-server-1.0-xmpp.patch
[2] http://www.openidenabled.com/resources/openid-test/diagnose-server/
--
- Norman Rasmussen
- Email: norman at rasmussen.co.za
- Home page: http://norman.rasmussen.co.za/
More information about the Dev
mailing list