Setting Up an OpenID with PHP

Originally published: 01/2007 by J Wynia

One of the best, simple things I ever did online was to register wynia.org as a domain name. Ever since, I haven't needed to worry about *which* email address I used on that site when I signed up. I don't have to have some other company's name as part of my web URL on my resume, and, if you can remember my name, you can find my site and get me email.

Given the pain that went away with having a permanent "home" online, I've been eyeing the OpenID activities with keen interest. While I'm semi-OK with site-specific logins for things like banking and other sensitive data, I'm thoroughly sick of having to create a login for every single forum, discussion group, etc. that I want to participate in or non-critical site I want to use.

OpenID gives you a single URL that you use as your identity on other sites. It's secured with a password. The site you're wanting to use just has you enter your OpenID and they use your OpenID server to authenticate. Next thing you know, you're using the site as "you" without a new account somewhere.

If you're looking to just have an OpenID for yourself and maybe one or 2 other people, phpMyID is a nice, simple solution. I've had installing it on my TODO list for quite a while and finally got around to it last night.

It comes with a core class that you include into each identity that you want the server to handle. The identities are each in their own PHP file, named whatever you want. If you're only going to serve up one OpenID (like I am for right now), you can name it openid.php. Anyone else who wants to use my server will get a similar file, named username.php, etc. I named mine this way to have an easy to remember and nice-looking URL.

At any rate, in the openid.php file, there are a few things you need to change, including the username and the password. However, rather than just storing the password in the file, you actually store an md5() hash that you send in instead.

To generate the appropriate string to use as a password, you need to md5() a combination of things, strung together with colons between them. I just made a one line PHP script that spits out the appropriate value to put into the script.


print(md5("username:phpMyID:yourpassword"));

I put the result of that in as the "auth_password" and set the rest of the stuff to fairly obvious settings. I then put the openid.php file on my personal subdomain: j.wynia.org. So, my new OpenID URL is: http://j.wynia.org/openid.php.

Once you think you've got your OpenID set up properly, you can test it out via the test script at OpenIDEnabled.com. I just gave it the OpenID URL above and logged in without any glitches.

Overall, I like this approach a LOT better than the more centralized models for single account signon because I can control it. It's not going to go away because some startup decided to spend all of their money on massages for employees' pets and went bankrupt.

I still need to integrate the autodiscovery into the site properly, but the test login works, so I'm happy.

Comments

BillyG on 1/15/2007
I don't have my own server (yet) and its been awhile since I set mine up, but yea I need to start using mine too. You'd think me writing about it recently (on yet another dusty blog lol http://billy-girlardo.com/all-over-IT/) would prod me in that direction, but I still haven't gotten around to it. Bad habit I guess... http://billyg.myopenid.com/
Feir on 1/15/2007
Nice going to OpenID. But why dont you nake OpenID comment active in your blog. It is very simple with the wordpress OpenID comment plugin.
J Wynia on 1/16/2007
I was planning on hooking that up, but I'm actually moving to a new Wordpress installation soon (this one has some problems right now) and won't be messing with the plugins in this installation until then.
Devon Young on 2/21/2007
In the past week, I've had to create whole new accounts 7 times. Yes, 7 new accounts. Each of these accounts were for things I needed for 5-15 minutes and then won't be using again (usually it's a site that requires I login in order to download something or stuff like that). That doesn't count the many sites I've chosen not to make a new account with, simply because I decided it wasn't worth the effort of signing up somewhere...again. Now that OpenID is becoming a little more widespread, I'm becoming very interested in it too. Nice post.
Ben Dodson on 3/1/2008
Hello - I wrote an installer for phpMyID (called phpMyOpenID.. original huh?) which might help with the setup a little as it makes it a lot easier. My latest version also has built-in support for multiple users which might help you out Devon. I'm just about to release version 2 but if anyone would like to beta test it before the release, then please visit my site at http://labs.bendodson.com/phpmyopenid/
Bob Mitchell on 12/27/2008
Is this still working for you? I've done pretty-much the same thing (hosting an instance of this on http://www.bob-o-rama.com/). Next step allow logins to my own site with OpenID.
blog comments powered by Disqus
Or, browse the archives.
© 2003- 2014 J Wynia. Very Few Rights Reserved. This article is licensed under the terms of the Creative Commons Attribution License. Quoted content or content included from others is not subject to that license and defaults to normal copyright.