Implementing OpenID Using PHP
The full code for this sample is available at https://github.com/jcleblanc/programming-social-applications/tree/master/chapter_11/openid-php.
Our first practical OpenID implementation example will use PHP. Our intention is to build out an end-to-end implementation that will allow a user to input the OpenID provider that she wants to use, after which the program will allow her to log in with that provider service and deliver information about her at the end of the authentication process.
In addition to obtaining a pass/fail state for whether the user authenticated, we will acquire additional information and levels of security by implementing the previously discussed OpenID extensions:
Simple Registration for acquiring basic user information
Attribute Exchange for acquiring more extensive user information
PAPE for providing additional security levels
At the end, we will have a solid understanding of how OpenID functions from a programmatic perspective.
The discovery form
Let’s start off the process by building out the form that will allow the user to input the provider OpenID URL she wants to use and select some of the PAPE policies that she would like to send along as well.
In a real-world implementation, you would not provide the user with a form field to have her input the OpenID provider URL or the policies that she would like to use. As mentioned earlier, you would add icons (or some other identifying marker) for each provider option in order to allow ...