Search

A new extension, “OpenID Authentication” is now available for download. Comments and feedback can be left here but if you discover any issues, please post it on the issue tracker.

Very nice.

Spot on!

That is awesome!

This is bloody amazing, good job, I’ll be sure to check this out in more detail!

This is going to be really useful, grazie Marco! :)

Thanks guys! ^^

Hey I just dicsovered janrain could it be a match for this extension?

How would you like to see it integrated? Most of the things janrain provides are easy to rebuild in symphony, for free :)

I havent looked at janrain in detail yet, isn’t it free then? In fact I thought openID was the one universal solution, seems not?

Take a look at their solutions.

They’ve got a free package, but it’s very limited. And if you’re willing to pay, you always end up having some weird marketing-oriented limitations. That’s just my opinion, of course.

Howerver I must give them credit because the php library that power this extension have been coded by them and it’s available on github.

OpenID Authentication updated to version 0.2 on 9th of February 2011

@alpacaaa, I’m having a little trouble getting the OpenID extension to work. I wonder if you have any insights on the issues I’m having:

Instead of allowing users to choose a provider, we are enforcing Google for our intranet. So, I suppose all that is needed is the Sign In button, with a hidden field specifying Google as the provider.

<form action="" method="get" id="openid-form">
    <input type="hidden" name="action" value="verify" />
    <fieldset>
        <legend>Sign-in with your Google account</legend>

        <div id="openid-input_area">
            <input id="openid-identifier" name="openid-identifier" type="hidden" value="https://www.google.com/accounts/o8/id" />
            <input id="openid-submit" type="submit" value="Sign-In" />
        </div>
    </fieldset>
</form>

It appears that everything is working until I get the response back from Google, where I get the following error:

loadXML(): EntityRef: expecting ';' in Entity, line: 73

When I view the debug info, line 73 is the message node of the XML:

<authentication status="failed">
    <message>OpenID authentication failed: Invalid openid.mode '<No mode set>'</message>
</authentication>

I have the store-path set in the config.php file and I can see that directories have been created:

  • associations
  • nonces
  • temp

And there is a file saved to the associations directory:

  • https-www.google.com-XXXX...etc

However, I can’t get past the entity reference XSLT processing error. Do you know where that is coming from?

Hmm. That’s puzzling. We’re not using mod_security on our server.

I’ll investigate a bit furter to see if something is broken in the extension.

Just tested your code on a fresh 2.2 install and it works fine.

Looks like a server related issue, I'm afraid I can't be of much help :(

Thanks for looking into it, Marco. We'll try to figure out what the issue is on our servers. I tried a clean install with the example form from the OpenID Authentication event on a shared server on Joyent as well. The event triggered a 500 server error. There is definitely something happening on the server side that I'll have to investigate.

It would be interesting to see what's causing the error. Could you please have a look at your error.log?

Thanks for reporting.

I turned display errors on for the install on the shared server. That was my mistake, to do with not updating the submodule for the php-openid library.

The trouble we were having on our own servers involved a couple issues. First, it appears that mod_rewrite was modifying the query string values that were being returned. So we applied a patch to the php-openid library to use the REQUEST_URI instead of the QUERY_STRING. Go to the php-openid directory to apply the patch:

cd extensions/openid_auth/lib/php-openid
git apply ../../OpenID-mod_rewrite.patch

The other issue was that the php-openid library doesn't support Google Apps out of the box. We needed an add-on to the library that enables the use of Google Apps host domains as an OpenID provider: PHP Extensions for Google Apps OpenID Discovery.

We hacked up the extension to enable authentication for Google Apps, but in a way that means that it no longer works for other providers.

So, now that authentication is working, I'm wondering how to log out. Also, if I want to offer a couple different methods to sign in: OpenID and the Members extension, how do I integrate the two? The members extension (the version I have hacked up to work until the stable release) manages event permissions, but the extension will not recognize anyone signed in with OpenID as an active member. Unless I open up event permissions to guests, events will not be accessible for those who sign in with OpenID.

I was going to integrate Members and OpenID authentication systems by matching the email address. I would need the OpenID Simple Registration data available as parameters to filter the Members section entries. The events/openid-auth/sreg data is being successfully returned now, so I need to be able to add these values to the parameter pool.

Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details