PHP OpenID Identity Provider

5
votes

I'm looking to implement an OpenID identity provider as service for a website of mine. I'm going to integrate it with the existing user services that the app provides, so I'd like to use a library rather than a complete OpenID server application (i.e. the tools listed on the OpenID Identity Servers section all do too much).

This leaves the following libraries listed on the OpenID Libraries page (those that are able to act as an identity provider; the others are ignored, as they can't do what I need anyway). Unfortunately there are some issues with each, and I'd appreciate advice as to which I should go for.

  • PHP OpenID Library (Janrain) - This seems to be popular, but seems to be unmaintained. There are many, many forks on GitHub due to a lack of fixes for the outstanding issues; it seems to work (with a few fixes), but it's hard to know which of the forks to follow, or whether it's safe to do so.
  • NetMesh InfoGrid LID - A 403 Permission Denied on the download section is not encouraging.
  • Zend Framework OpenID Component - Part of the Zend framework, which we don't use.

So, my questions are

  • Are there any other options for an identity provider?
  • Does anyone have any experience with the NetMesh solution? What's up with not being able to download it?
  • Can Zend Framework components be used without the Zend Framework?
  • Is there a good, reliable fork of the Janrain PHP OpenID Library?
1
phpopenidopenid-provider
I have developed my OpenID provider and consumer classes to share the same login account across a family of sites that I developed. I did that precisely because the existing PHP implementations were not good enough for me. The code is working live for over 8 months now and most issues were fixed. I want to release it as Open Source but I need to finish enough documentation to make it useful to others. If you are interested in testing, mail me at the address in my profile.mlemos
Mlemos, I can't find your email anywhere I'm afraid, but I'd be interested in having a look over your code.El Yobo
As would I if you need more testers. Like El Yobo, I've found the current solutions either not fitting well for my project (so far... haven't' tried the zend version yet), or quite out of date.canadiancreed
Sorry, I thought StackOverflow would expose my contact somehow. Anyway, feel free to mail me to mlemos at acm.orgmlemos

1 Answers

1
votes

The fact that you do not use a framework in a whole should not stop you from using one of it's components. The list of dependent components of Zend_OpenID is available here. You can take just what you need for OpenID to be running and that's all. I don't see any huge difference in taking yet another OpenID component VS taking Zend_OpenID with dependencies.