Is there some code out there (under BSD or similar license preferably) that implements provider support for OAuth without needing PECL OAuth extension? Zend Framework's Zend_Oauth is pretty good, but it is only the consumer side. So I wonder if there's something like that but for doing the other side (i.e. making OAuth server).
Note that I'm not looking for how to do that with pecl/oauth - this I already have, see for example, Set up a PHP OAuth Provider - but unfortunately not all people can install PECL extensions, so I'm looking for some solution that would reduce requirements.
Have you taken a look at http://pear.php.net/package/HTTP_OAuth/?
I've ended up making some implementation for Oauth provider for Zend Framework, which can be seen here: https://github.com/smalyshev/Zend_OAuth_Provider
I'll improve it if time permits but it works for me right now.
Related
Is there something like Hybridauth3, Loginza, or uLogin (but not those as I understand they are not supported by the teams anymore)? Hybridauth is too complex for me for simple auth.
As long as you know how to use code libraries (packages) here is one that is rather popular: https://github.com/laravel/socialite
This one deals with just about any OAuth2 services: https://packagist.org/packages/league/oauth2-client
And here we have a list of SSO packages provided via the composer package manager: https://packagist.org/?q=sso&p=0
Hope this helps you out.
Have you looked at thephpleague's package. Their pakages are always well maintained.
https://github.com/thephpleague/oauth2-client
and even specifics for:
Google (https://github.com/thephpleague/oauth2-google) and
Facebook (https://github.com/thephpleague/oauth2-facebook)
I have used auth libraries from here
opauth and they work quite well.
Libraries from oauthlogin, are also pointed to be reliable but not free
I have been struggling to find an active open-source PHP project that supports OAuth 2.0 as a server. There are tons of client examples that connect to Facebook, Twitter, etc. but as more and more people want to expose their own services through an API I'm a bit surprised the open source community hasn't addressed this need already. It's not that there is nothing but what's there is mostly out-of-date, little-to-no documentation, and very little to no activity in terms of current development and conversation.
Am I missing a good open-source option out there? Does anyone know of any commercial options? I really need to get something in place soonish and I personally don't have the bandwidth or security credentials to tackle this problem myself.
After much searching around I believe I have found the best solution for PHP'ers out there. Opinions are a dime a dozen but here's my favourite:
http://bshaffer.github.io/oauth2-server-php-docs/
Very active, high quality conversation and a solid product along with good (and improving) documentation.
Here is the list of available server and client libraries:
http://oauth.net/2/
which leads to a github project which is maintained.
oauth2 server by php league is much more followed and downloaded project on github. My personal experience has been awesome and the best part is it's documentation. Excellent implementation of oauth2.
According to http://www.zimuel.it/oauth2-apigility/ & http://apigility.org/documentation/auth/authentication-oauth2
You now can implement OAuth 2.0 Server using the open source project Apigility, with Brent Shaffer's implementation underneath...
in the end...
The OAuth2 implementation in Apigility uses the oauth2-server-php
library by Brent Shaffer. Apigility uses a PDO database to store all
the information related to the OAuth2 protocol. You can create your
database using the schema reported in the file
/vendor/zfcampus/zf-oauth2/data/db_oauth2.sql under your Apigility
installation folder (zf-apigility-skeleton).
How can I add a Oauth provider to a web application using Zend Framework? Zend Framework has support for oauth consumers, but I don't see a provider support. What do you use to implement a Oauth provider in php (with Zend Framework)?
I followed this guide from Rasmus Lerdorf to implement an OAuth provider.
While I didn't actually use the pecl extension, you can use the article to write your own server component.
If you look at the zend incubator, it has a new Zend_Oauth_Server file
http://framework.zend.com/svn/framework/standard/incubator/library/Zend/Oauth/
I think Brandon's correct in saying that a Provider doesn't exist yet in Zend, but I think this class maybe a future provider they're working on.
We're looking at implementing a provider for one of out projects at work, so I'll probably have to research this in depth soon. Keep me posted if you find more info on this yourself and I'll keep this thread updated on my side.
I need a php lib that can auth using OpenID against sites offering this service, like Google, Yahoo, Wordpress, etc...
Anyone used any lib that actuallly works? I've tryied a few but couldn't get any to auth against Google, Yahoo, or Wordpress.
I would highly recommend LightOpenID by Mewp. It comes with a great example and has no unusual dependencies (the only requirement you need to be aware of is that of the CURL PHP extension). It's entirely self-contained, it's only one file, and the code is very readable. There are more tasty details.
Zend.OpenID
With Zend Framework, you can simply use the Zend_OpenID component without having to use the MVC functionality or any configuration files that are not concerned with OpenID
phpOIDC implements both consumer and provider for OpenID connect.
OpenID connect is a new spec that was released in 2014 and is worth looking at.
I am using sfOpenID plugin for Symfony, which doesn't support OpenID 2.0. That means, for example, that people using Yahoo! OpenID can't login to my site.
There is an OpenID 2.0 plugin that works with sfGuard, but I am not using nor planning to use sfGuard. Plus, it requires to install Zend framework, too, which is an overkill in my scenario.
So I've got two questions, really:
is there another OpenID plugin for Symfony supporting OpenID 2.0?
what would be the hack required to make sfOpenID support OpenID 2.0?
I suppose I could study OpenID specs and hack it myself, but then, I am a lazy programmer :)
I think you've covered all your options with sfOpenID and taOpenIDsfGuardPlugin for Symfony's plugins.
Without studying OpenID's specs in detail though, you could try one of those PHP libraries (http://wiki.openid.net/Libraries) by dropping it in your lib and connecting to a sfUser, or whatever you're using for authentication. There is also the OpenID Enabled library (http://openidenabled.com/php-openid/) which still uses PHP4 although compatible with PHP5 if you tweak the error reporting level to exclude some warnings.
There are a few tutorials out there that explains how to enable OpenID on your site with PHP: http://www.saeven.net/openid.htm or http://www.plaxo.com/api/openid_recipe.
And better yet, use this knowledge to make a sfPlugin out of it afterwards.
There is an easier way. JanRain offers OpenID (and facebook) as a service http://rpxnow.com . Vastly easier/quicker than going native with the libraries.
i had ( and i'm still having ) the same problem. Firstly there isn't any php5 openid library that is feature complete. The only one was abandoned for the one shipped with Zend Framework.
So you either write your own ( don't recomend , lot of work ), or use the one from Zend ( that is what i Use).
The problem is that it is heavily embeded into Zend and requires lots of ZF stuff.
Maybe i will publish a plugin similar to taOpenIDsfGuardPlugin but for use withouth sfGuard, because it's often asked for ( and i will need it for my future projects ;))