Yii 1.1: loid

Implements LightOpenID class support into Yii Framework
19 followers

This extension based on LightOpenID class.

Intro

An PHP 5 library for easy openid authentication. Works only as a consumer. more…

Features:

* Easy to use. (you can code a functional client in less than ten lines of code)
* Depends only on curl
* Supports both OpenID 1.1 and 2.0
* Supports Yadis discovery
* Supports only stateless/dumb protocol
* Works with PHP >= 5
* Generates no errors with error_reporting(E_ALL | E_STRICT)

About extension

  • This extension is directory independent, you can use it any desired directory without rewritting import() instructions.
  • Extension is fully updatable. You can rewrite LightOpenID class with fresh version with any newer LightOpenID version without any corrections in extension code.

Requirements

CURL.

Installation

First you must install extension to your project:
You can do it in 2 ways:

Way 1: in your project config.php in the components section, add the following:

'loid' => array(
               //alias to dir, where you unpacked extension
    'class' => 'application.extensions.lightopenid.loid',
),

Way 2: in your controller code:

Yii::app()->setComponents(array('loid'=>array('class'=>'application.extensions.lightopenid.loid')));
),

Usage

Simple usage:

$loid = Yii::app()->loid->load();
if (!empty($_GET['openid_mode'])) {
    if ($_GET['openid_mode'] == 'cancel') {
        $err = Yii::t('core', 'Authorization cancelled');
    } else {
        try {
            echo $loid->validate() ? 'Logged in.' : 'Failed';
        } catch (Exception $e) {
            $err = Yii::t('core', $e->getMessage());
        }
    }
    if(!empty($err)) echo $err;
} else {
    $loid->identity = "http://my.openid.identifier"; //Setting identifier
    $loid->required = array('namePerson/friendly', 'contact/email'); //Try to get info from openid provider
    $loid->realm     = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST']; 
    $loid->returnUrl = $loid->realm . $_SERVER['REQUEST_URI']; //getting return URL
    if (empty($err)) {
        try {
            $url = $loid->authUrl();
            $this->redirect($url);
        } catch (Exception $e) {
            $err = Yii::t('core', $e->getMessage());
        }
    }
}

Configuration:

You can set loid configuration by 2 ways:

01. After load configuration:

$loid = Yii::app()->loid->load();
$loid->identity = "http://my.openid.identifier"; //Setting identifier
$loid->required = array('namePerson/friendly', 'contact/email'); //Try to get info from openid provider

02. Onload configuration:

$config = array('identity'=>'http://my.openid.identifier','required'=>array('namePerson/friendly', 'contact/email'));
$loid = Yii::app()->loid->load($config);

LightOpenid usage ReadMe:

/**
 * This class provides a simple interface for OpenID (1.1 and 2.0) authentication.
 * Supports Yadis discovery.
 * The authentication process is stateless/dumb.
 *
 * Usage:
 * Sign-on with OpenID is a two step process:
 * Step one is authentication with the provider:
 * <code>
 * $openid = new LightOpenID;
 * $openid->identity = 'ID supplied by user';
 * header('Location: ' . $openid->authUrl());
 * </code>
 * The provider then sends various parameters via GET, one of them is openid_mode.
 * Step two is verification:
 * <code>
 * if ($this->data['openid_mode']) {
 *     $openid = new LightOpenID;
 *     echo $openid->validate() ? 'Logged in.' : 'Failed';
 * }
 * </code>
 *
 * Optionally, you can set $returnUrl and $realm (or $trustRoot, which is an alias).
 * The default values for those are:
 * $openid->realm     = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];
 * $openid->returnUrl = $openid->realm . $_SERVER['REQUEST_URI'];
 * If you don't know their meaning, refer to any openid tutorial, or specification. Or just guess.
 *
 * AX and SREG extensions are supported.
 * To use them, specify $openid->required and/or $openid->optional before calling $openid->authUrl().
 * These are arrays, with values being AX schema paths (the 'path' part of the URL).
 * For example:
 *   $openid->required = array('namePerson/friendly', 'contact/email');
 *   $openid->optional = array('namePerson/first');
 * If the server supports only SREG or OpenID 1.1, these are automaticaly
 * mapped to SREG names, so that user doesn't have to know anything about the server.
 *
 * To get the values, use $openid->getAttributes().
 *
 *
 * The library requires PHP >= 5.1.2 with curl or http/https stream wrappers enabled.
 * @author Mewp
 * @copyright Copyright (c) 2010, Mewp
 * @license http://www.opensource.org/licenses/mit-license.php MIT
 */

i18n

Here are i18n pairs to Yii::t() instructions:

'No servers found!' => 'Не найден сервер авторизации. (No servers found!)',
'Invalid request.'=> 'Неверный запрос. (Invalid request.)',
'No identity supplied.'=>'Нет поддержки идентификатора. (No identity supplied.)',
'Endless redirection!'=>'Бесконечный редирект! (Endless redirection!)',

Resources

Total 12 comments

#7227 report it
GOsha at 2012/03/06 12:53am
Host

Thanks for your report. Yes, you`re right - it would work, and maybe more yii-styled. But I solve this operation by single code line:

(!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];

yours is here: CHttpRequest.php#256 Maybe it more flexible and strong but I think users can use single line in 99,9% cases. ;)

#7224 report it
pligor at 2012/03/05 03:26pm
Host

Instead of this line:

$loid->realm = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];

could someone simply use the CHttpRequest methods like that:

$loid->realm = Yii::app()->getRequest()->getHostInfo();

?

#6488 report it
BornToDrink at 2012/01/13 09:30am
Very nice

Very nice extension, here I found detail instruction how to use it together with simpleopenidselector extension: http://stackoverflow.com/questions/5645208/openid-support-for-yii

Working for me.

#6386 report it
Stamm at 2012/01/05 06:50pm
Thanks!

GOsha, thanks! Could you update your extension with update of LightOpenID? Because this affect many peoples, who use or will use this extension.

#6385 report it
GOsha at 2012/01/05 04:49pm
Thanks for your report. BUT...

One of the best thing of this extension - that it uses original LightOpenID class with no changes. It makes loid extension independent from LightOpenID upgrades. Users can upgrade it simply changing LightOpenID.php to newer without waiting new release of this extension.
What concerns your report: LightOpenId uses http/https streams if CURL can`t be used to request.

protected function request($url, $method='GET', $params=array(), $update_claimed_id=false)
    {
        if (function_exists('curl_init')
            && (!in_array('https', stream_get_wrappers()) || !ini_get('safe_mode') && !ini_get('open_basedir'))
        ) {
            return $this->request_curl($url, $method, $params, $update_claimed_id);
        }
        return $this->request_streams($url, $method, $params, $update_claimed_id);
    }

Problem was solved before you asked.

#6383 report it
Stamm at 2012/01/05 12:22pm
Not use an option CURLOPT_FOLLOWLOCATION

May you rewrite a request url by curl without using an option CURLOPT_FOLLOWLOCATION, because it need to disable open_basedir (it very unsecure)?

Here is an solution: http://www.php.net/manual/ru/function.curl-setopt.php#102121

curl_setopt(): CURLOPT_FOLLOWLOCATION cannot be activated when safe_mode is enabled or an open_basedir is set
 
protected/extensions/lightopenid/LightOpenID.php(142)
#4682 report it
hobs at 2011/08/04 12:33am
Excellent Usage Example

This stackoverflow discussion describes a working configuration in detail.

#2577 report it
PrplHaz4 at 2011/01/18 09:12pm
Example with simpleopenidselector

I noticed you uploaded this around the same time as the openid selector. Any chance you could post us an example of how you used this with simpleopenidselector? I have a rudimentary implementation of OpenID using eopenid, with a method added to the UserIdentity class (under the authentication method) called "openauth", which is called after openidselector returns a provider.

Thanks either way!

#2521 report it
GOsha at 2011/01/13 10:53am
CURL in loid

//The library requires PHP >= 5.1.2 with curl or http/https stream wrappers enabled.
Streams used if curl not enabled, but you're right, CURL is optional.

#2520 report it
Eliovir at 2011/01/13 08:56am
Thanks

Thanks for the explanation.

I've read that Curl is not required, if there is not any curl* function, the library uses PHP streams.

#2518 report it
GOsha at 2011/01/13 04:49am
Another extension for OpenID

If compare this 2 extensions:

EOpenid
EOpenid - 1 file ~26Kb (unpacked)
As I see, all work wor writing this class consists from changing 1 line

//from
class LightOpenID
//to
class EOpenID extends CBaseUserIdentity

That's why I decided to write another

Loid
loid - 2 files ~30.7Kb (unpacked)
Loid has no corrections to main working class, so you can update it by yourself. simply rewrite it by newer.
Loid was written with all rules to write extensions - it has init() function and can be configured and runned with $config in load function. $config - is an array with native public vars to this LightOpenID class.

#2517 report it
Eliovir at 2011/01/13 03:34am
Another extension for OpenID

There is another extension for LightOpenID : http://www.yiiframework.com/extension/copenid/

The EOpenID size is about 7kB, and this one 30KB.

How this one compare to the older?

Leave a comment

Please to leave your comment.

Create extension