I need a php lib that can auth using OpenID against sites offering this service, like Google, Yahoo, Wordpress, etc...
Anyone used any lib that actuallly works? I've tryied a few but couldn't get any to auth against Google, Yahoo, or Wordpress.
I would highly recommend LightOpenID by Mewp. It comes with a great example and has no unusual dependencies (the only requirement you need to be aware of is that of the CURL PHP extension). It's entirely self-contained, it's only one file, and the code is very readable. There are more tasty details.
Zend.OpenID
With Zend Framework, you can simply use the Zend_OpenID component without having to use the MVC functionality or any configuration files that are not concerned with OpenID
phpOIDC implements both consumer and provider for OpenID connect.
OpenID connect is a new spec that was released in 2014 and is worth looking at.
Related
Is there something like Hybridauth3, Loginza, or uLogin (but not those as I understand they are not supported by the teams anymore)? Hybridauth is too complex for me for simple auth.
As long as you know how to use code libraries (packages) here is one that is rather popular: https://github.com/laravel/socialite
This one deals with just about any OAuth2 services: https://packagist.org/packages/league/oauth2-client
And here we have a list of SSO packages provided via the composer package manager: https://packagist.org/?q=sso&p=0
Hope this helps you out.
Have you looked at thephpleague's package. Their pakages are always well maintained.
https://github.com/thephpleague/oauth2-client
and even specifics for:
Google (https://github.com/thephpleague/oauth2-google) and
Facebook (https://github.com/thephpleague/oauth2-facebook)
I have used auth libraries from here
opauth and they work quite well.
Libraries from oauthlogin, are also pointed to be reliable but not free
My question is rather simple. Is there a system for CodeIgniter that allows both local and 3rd party login? (Such as FB/Twitter/Google etc.)
I've tried A3M but it's hard to use and requires tinkering before it will even work out of the box, as is the case with outdated software.
My current solution is flexi auth, however it doesn't offer 3rd party login at all, and after an email to the developer it doesn't look like he's planning on integrating it anytime soon.
So does anyone know of a good system that is up-to-date and provides both 3rd party and local login?
If there isn't one, what other PHP framework does have such a package?
Edit for Clarity: I'm looking for a system that does both these things. While I appreciate the answers and comments with systems that I can integrate myself, the end result of that will be shaky at best. There's gotta be someone who's done this before, all integrated into one package so it's designed to work together.
I was also looking for something like this just a month ago, but unsuccessfully. The only framework that has it all integrated in a simple way that I have seen is meteor, but it is not a PHP framework.
I had to do it myself by wrapping different PHP libraries in CI libraries. The source code is on github: CI Twitter and Who You Meet (a live web app), that has Twitter, LinkedIn and Facebook authentication and also a lot of local authentication logic with email verification and password recovery.
I know it can be considered a shameless promotion, but I hope it is useful. Although it is not exactly what you are looking for, it seems to be rather stable, so feel free to re-use it.
Maybe you will have time to extract all this logic in a standalone library (like I did for twitter) for other folks to use :)
If you want a CI OAuth2 implementation you can use this library which is both client and server:
https://github.com/alexbilbie/CodeIgniter-OAuth-2.0-Server
Otherwise for OpenID use this library:
https://github.com/EllisLab/CodeIgniter/wiki/OpenID
Is there some code out there (under BSD or similar license preferably) that implements provider support for OAuth without needing PECL OAuth extension? Zend Framework's Zend_Oauth is pretty good, but it is only the consumer side. So I wonder if there's something like that but for doing the other side (i.e. making OAuth server).
Note that I'm not looking for how to do that with pecl/oauth - this I already have, see for example, Set up a PHP OAuth Provider - but unfortunately not all people can install PECL extensions, so I'm looking for some solution that would reduce requirements.
Have you taken a look at http://pear.php.net/package/HTTP_OAuth/?
I've ended up making some implementation for Oauth provider for Zend Framework, which can be seen here: https://github.com/smalyshev/Zend_OAuth_Provider
I'll improve it if time permits but it works for me right now.
About to start working on a social networking site, but I'd like to incorporate OpenID logins.
The JanRain plugin is packed in Debian, but seems flakey, and my brief interactions with it so far have not gone well. There's a bunch of others out there, but which ones are people using in production?
The OpenID Wiki has a great list of libraries available for PHP. Always begin your searches in the official documentation.
I have personally used and recommend EasyOpenId (requires PHP OpenID).
See PHP library for openID for a list of other PHP OpenID libraries.
I personally use the PEAR OpenID library.
I've used the Zend_OpenID library from the Zend Framework and had good success with that. Very easy to setup and very easy to use. Their documentation on it is pretty extensive as well and comes with some good code samples that should show you everything you need to know. I used this briefly on one of my sites I was working on and only removed it because users didn't like OpenID in general. But the implementation was quick and easy.
Zend Framework OpenID Documentation
I am using sfOpenID plugin for Symfony, which doesn't support OpenID 2.0. That means, for example, that people using Yahoo! OpenID can't login to my site.
There is an OpenID 2.0 plugin that works with sfGuard, but I am not using nor planning to use sfGuard. Plus, it requires to install Zend framework, too, which is an overkill in my scenario.
So I've got two questions, really:
is there another OpenID plugin for Symfony supporting OpenID 2.0?
what would be the hack required to make sfOpenID support OpenID 2.0?
I suppose I could study OpenID specs and hack it myself, but then, I am a lazy programmer :)
I think you've covered all your options with sfOpenID and taOpenIDsfGuardPlugin for Symfony's plugins.
Without studying OpenID's specs in detail though, you could try one of those PHP libraries (http://wiki.openid.net/Libraries) by dropping it in your lib and connecting to a sfUser, or whatever you're using for authentication. There is also the OpenID Enabled library (http://openidenabled.com/php-openid/) which still uses PHP4 although compatible with PHP5 if you tweak the error reporting level to exclude some warnings.
There are a few tutorials out there that explains how to enable OpenID on your site with PHP: http://www.saeven.net/openid.htm or http://www.plaxo.com/api/openid_recipe.
And better yet, use this knowledge to make a sfPlugin out of it afterwards.
There is an easier way. JanRain offers OpenID (and facebook) as a service http://rpxnow.com . Vastly easier/quicker than going native with the libraries.
i had ( and i'm still having ) the same problem. Firstly there isn't any php5 openid library that is feature complete. The only one was abandoned for the one shipped with Zend Framework.
So you either write your own ( don't recomend , lot of work ), or use the one from Zend ( that is what i Use).
The problem is that it is heavily embeded into Zend and requires lots of ZF stuff.
Maybe i will publish a plugin similar to taOpenIDsfGuardPlugin but for use withouth sfGuard, because it's often asked for ( and i will need it for my future projects ;))