Questions about JanRain PHP
Jonathan Daugherty
cygnus at janrain.com
Wed Aug 1 09:42:33 PDT 2007
Hello,
# First thing I've noticed is that on line 522 of PEAR/Auth/OpenID/
# Server.php -> $ml =& Auth_OpenID_getMathLib(); ... that $ml is not
# used in the rest of the function answer($assoc). Is there a reason
# it's there?
That line is just stale.
# There is a MySQL database installed with three tables
# oid_associations, oid_nonces, and oid_settings. Using the server
# example that comes with the library, the oid_associations table gets
# used. But even when using the consumer example that comes with the
# library, the oid_settings tables SEEM to me to not get used. Am I
# wrong?
The getAuthKey() code and related functionality is stale, depending on
which library version you're using. The code is gone in the 2.x.x
series of the library.
# What is the purpose of getAuthKey()? I found something about
# tokens, but I don't understand what that means.
getAuthKey() was used to create a consumer-side secret to sign a
"token" to identify an OpenID transaction. Because the token was
originally appended to the return_to URL, it needed to be signed.
Nowadays, the libraries put the transaction information into whatever
session the RP environment provides, so the auth key and the settings
table are no longer required.
Hope that helps,
--
Jonathan Daugherty
JanRain, Inc.
irc.freenode.net: cygnus in #openid
cygnus.myopenid.com
More information about the Dev
mailing list