loid | Extensions | Yii PHP Framework

Yii Framework Extensions

Createnew extension

Popular Tags

loid Implements LightOpenID class support into Yii Framework

Intro
About extension
Requirements
Installation
Usage
Configuration:
LightOpenid usage ReadMe:
i18n
Resources

This extension based on LightOpenID class.

Intro ¶

An PHP 5 library for easy openid authentication. Works only as a consumer. more…

Features:

* Easy to use. (you can code a functional client in less than ten lines of code)
* Depends only on curl
* Supports both OpenID 1.1 and 2.0
* Supports Yadis discovery
* Supports only stateless/dumb protocol
* Works with PHP >= 5
* Generates no errors with error_reporting(E_ALL | E_STRICT)

About extension ¶

This extension is directory independent, you can use it any desired directory without rewritting import() instructions.
Extension is fully updatable. You can rewrite LightOpenID class with fresh version with any newer LightOpenID version without any corrections in extension code.

Requirements ¶

CURL.

Installation ¶

First you must install extension to your project:
You can do it in 2 ways:

Way 1: in your project config.php in the components section, add the following:

'loid' => array(
               //alias to dir, where you unpacked extension
    'class' => 'application.extensions.lightopenid.loid',
),

Way 2: in your controller code:

Yii::app()->setComponents(array('loid'=>array('class'=>'application.extensions.lightopenid.loid')));
),

Usage ¶

Simple usage:

$loid = Yii::app()->loid->load();
if (!empty($_GET['openid_mode'])) {
    if ($_GET['openid_mode'] == 'cancel') {
        $err = Yii::t('core', 'Authorization cancelled');
    } else {
        try {
            echo $loid->validate() ? 'Logged in.' : 'Failed';
        } catch (Exception $e) {
            $err = Yii::t('core', $e->getMessage());
        }
    }
    if(!empty($err)) echo $err;
} else {
    $loid->identity = "http://my.openid.identifier"; //Setting identifier
    $loid->required = array('namePerson/friendly', 'contact/email'); //Try to get info from openid provider
    $loid->realm     = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST']; 
    $loid->returnUrl = $loid->realm . $_SERVER['REQUEST_URI']; //getting return URL
    if (empty($err)) {
        try {
            $url = $loid->authUrl();
            $this->redirect($url);
        } catch (Exception $e) {
            $err = Yii::t('core', $e->getMessage());
        }
    }
}

Configuration: ¶

You can set loid configuration by 2 ways:

01. After load configuration:

$loid = Yii::app()->loid->load();
$loid->identity = "http://my.openid.identifier"; //Setting identifier
$loid->required = array('namePerson/friendly', 'contact/email'); //Try to get info from openid provider

02. Onload configuration:

$config = array('identity'=>'http://my.openid.identifier','required'=>array('namePerson/friendly', 'contact/email'));
$loid = Yii::app()->loid->load($config);

LightOpenid usage ReadMe: ¶

/**
 * This class provides a simple interface for OpenID (1.1 and 2.0) authentication.
 * Supports Yadis discovery.
 * The authentication process is stateless/dumb.
 *
 * Usage:
 * Sign-on with OpenID is a two step process:
 * Step one is authentication with the provider:
 * <code>
 * $openid = new LightOpenID;
 * $openid->identity = 'ID supplied by user';
 * header('Location: ' . $openid->authUrl());
 * </code>
 * The provider then sends various parameters via GET, one of them is openid_mode.
 * Step two is verification:
 * <code>
 * if ($this->data['openid_mode']) {
 *     $openid = new LightOpenID;
 *     echo $openid->validate() ? 'Logged in.' : 'Failed';
 * }
 * </code>
 *
 * Optionally, you can set $returnUrl and $realm (or $trustRoot, which is an alias).
 * The default values for those are:
 * $openid->realm     = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];
 * $openid->returnUrl = $openid->realm . $_SERVER['REQUEST_URI'];
 * If you don't know their meaning, refer to any openid tutorial, or specification. Or just guess.
 *
 * AX and SREG extensions are supported.
 * To use them, specify $openid->required and/or $openid->optional before calling $openid->authUrl().
 * These are arrays, with values being AX schema paths (the 'path' part of the URL).
 * For example:
 *   $openid->required = array('namePerson/friendly', 'contact/email');
 *   $openid->optional = array('namePerson/first');
 * If the server supports only SREG or OpenID 1.1, these are automaticaly
 * mapped to SREG names, so that user doesn't have to know anything about the server.
 *
 * To get the values, use $openid->getAttributes().
 *
 *
 * The library requires PHP >= 5.1.2 with curl or http/https stream wrappers enabled.
 * @author Mewp
 * @copyright Copyright (c) 2010, Mewp
 * @license http://www.opensource.org/licenses/mit-license.php MIT
 */

i18n ¶

Here are i18n pairs to Yii::t() instructions:

'No servers found!' => 'Не найден сервер авторизации. (No servers found!)',
'Invalid request.'=> 'Неверный запрос. (Invalid request.)',
'No identity supplied.'=>'Нет поддержки идентификатора. (No identity supplied.)',
'Endless redirection!'=>'Бесконечный редирект! (Endless redirection!)',

Resources ¶

7 1

19 followers

5 938 downloads

Yii Version: 1.1

License: MIT

Category: Auth

Tags: authorization, openid, user interface

Developed by: GOsha

Created on: Jan 9, 2011

Last updated: 10 years ago

Downloads

show all

Related Extensions

User Contributed Notes 12

#2517

0 0

Another extension for OpenID

There is another extension for LightOpenID : http://www.yiiframework.com/extension/copenid/

The EOpenID size is about 7kB, and this one 30KB.

How this one compare to the older?

Eliovir at Jan 13, 2011, 8:34:02 AM

#2518

0 0

Another extension for OpenID

If compare this 2 extensions:

EOpenid
EOpenid - 1 file ~26Kb (unpacked)
As I see, all work wor writing this class consists from changing 1 line

//from
class LightOpenID
//to
class EOpenID extends CBaseUserIdentity

That's why I decided to write another

Loid
loid - 2 files ~30.7Kb (unpacked)
Loid has no corrections to main working class, so you can update it by yourself. simply rewrite it by newer.
Loid was written with all rules to write extensions - it has init() function and can be configured and runned with $config in load function. $config - is an array with native public vars to this LightOpenID class.

GOsha at Jan 13, 2011, 9:49:57 AM

#2520

0 0

Thanks

Thanks for the explanation.

I've read that Curl is not required, if there is not any curl* function, the library uses PHP streams.

Eliovir at Jan 13, 2011, 1:56:41 PM

#2521

0 0

CURL in loid

//The library requires PHP >= 5.1.2 with curl or http/https stream wrappers enabled.
Streams used if curl not enabled, but you're right, CURL is optional.

GOsha at Jan 13, 2011, 3:53:02 PM

#2577

0 0

Example with simpleopenidselector

I noticed you uploaded this around the same time as the openid selector. Any chance you could post us an example of how you used this with simpleopenidselector? I have a rudimentary implementation of OpenID using eopenid, with a method added to the UserIdentity class (under the authentication method) called "openauth", which is called after openidselector returns a provider.

Thanks either way!

PrplHaz4 at Jan 19, 2011, 2:12:21 AM

#4682

0 0

Excellent Usage Example

This stackoverflow discussion describes a working configuration in detail.

hobs at Aug 4, 2011, 4:33:19 AM

#6383

0 0

Not use an option CURLOPT_FOLLOWLOCATION

May you rewrite a request url by curl without using an option CURLOPT_FOLLOWLOCATION, because it need to disable open_basedir (it very unsecure)?

Here is an solution: http://www.php.net/manual/ru/function.curl-setopt.php#102121

curl_setopt(): CURLOPT_FOLLOWLOCATION cannot be activated when safe_mode is enabled or an open_basedir is set

protected/extensions/lightopenid/LightOpenID.php(142)

Stamm at Jan 5, 2012, 5:22:35 PM

#6385

0 0

Thanks for your report. BUT...

One of the best thing of this extension - that it uses original LightOpenID class with no changes. It makes loid extension independent from LightOpenID upgrades. Users can upgrade it simply changing LightOpenID.php to newer without waiting new release of this extension.
What concerns your report:
LightOpenId uses http/https streams if CURL can`t be used to request.

protected function request($url, $method='GET', $params=array(), $update_claimed_id=false)
    {
        if (function_exists('curl_init')
            && (!in_array('https', stream_get_wrappers()) || !ini_get('safe_mode') && !ini_get('open_basedir'))
        ) {
            return $this->request_curl($url, $method, $params, $update_claimed_id);
        }
        return $this->request_streams($url, $method, $params, $update_claimed_id);
    }

Problem was solved before you asked.

GOsha at Jan 5, 2012, 9:49:28 PM

#6386

0 0

Thanks!

GOsha, thanks!
Could you update your extension with update of LightOpenID? Because this affect many peoples, who use or will use this extension.

Stamm at Jan 5, 2012, 11:50:21 PM

#6488

0 0

Very nice

Very nice extension, here I found detail instruction how to use it together with simpleopenidselector extension:
http://stackoverflow.com/questions/5645208/openid-support-for-yii

Working for me.

BornToDrink at Jan 13, 2012, 2:30:11 PM

#7224

0 0

Host

Instead of this line:

$loid->realm = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];

could someone simply use the CHttpRequest methods like that:

$loid->realm = Yii::app()->getRequest()->getHostInfo();

pligor at Mar 5, 2012, 8:26:15 PM

#7227

0 0