OpenIDStore for PEAR::MDB2
Thomas Harning
thomas.harning at trustbearer.com
Thu Feb 21 07:24:02 PST 2008
Ryan Patterson wrote:
> I've created an Auth_OpenID_OpenIDStore implementation that utilizes
> PEAR::MDB2 instead of PEAR::DB, called Auth_OpenID_MDB2Store. The
> advantages to this store are that it supports all database back ends
> that PEAR::MDB2 supports, and does not require the user to know which
> database back end is being used when instantiating the store. Because
> of the complete database abstraction, the entire store is
> approximately 350 lines shorter than the SQLStore family.
>
> As a note to users planning to test this store: the table schema is
> incompatible with the other SQLStores. Specifically, the length of
> server URLs has been shortened to 255 characters to allow cross-RDBMS
> compatibility, and the field types have been changed to NOT NULL. You
> may safely delete your associations and nonces tables with no
> consequences.
Shortening the URLs to 255 chars has some ugly problems since the spec states
that the max Server URL can technically be up to 2047 bytes (per OpenID 1.1-Appendix D)
One option for databases that can't have a key large enough is using a prefix-based key...
I know MySQL supports this, but I'm not so sure on others.
Another option would be to use a unique value as the primary key and use some ugly
mechanics so that you can store a 20 byte sha1 in a non-unique index and the server URL
not in an index.
The basic select would be SELECT * FROM Sites WHERE URLHash = ? AND URL = ?;
The URLHash would narrow it down to likely one, where URL would clobber potential
collisions and keep the data around if needed...
--
Thomas Harning @ TrustBearer Labs (http://www.trustbearer.com)
Secure OpenID: https://openid.trustbearer.com/harningt
3201 Stellhorn Road 260-399-1656
Fort Wayne, IN 46815
More information about the Dev
mailing list