[cvs] [Wiki] changed: Project/OpenID

Chuck Hagenbuch chuck at horde.org
Wed May 28 01:58:44 UTC 2008


chuck  Tue, 27 May 2008 21:58:44 -0400

Modified page: http://wiki.horde.org/Project/OpenID
New Revision:  1.2
Change log:  more openid notes and links

@@ -6,14 +6,41 @@

 Provide both client and server !OpenID support for Horde (these are
different things).

 ++ Bugs
+
+http://bugs.horde.org/ticket/6571

 ++ People

 ChuckHagenbuch is interested in this project, and can provide expert
support on Horde's authentication layer.

 ++ Description
+
++++ Notes
+
+As posted a few months back, I had started working on a PHP5 OpenID library
that I wished to port to the framework since it seemed a reasonable addition
given our web app focus. Given the complexity of OpenID as a distributed
authentication service there are numerous components. Each by itself is
actually not that hard, most of the problem is putting them together with a
solid set of integration tests.
+
+These include wrappers for large integer (> 32 bits) libraries since bcmath
alone is awfully slow for this compared to gmp, cryptographic algorithms,
and even a separate extensible web service (already proposed on the wiki).
The list of possible sub-components that could feasibly get started with
include:
+
+Zend_Service_Yadis
+Zend_Crypt_DiffieHellman
+Zend_Crypt_Rsa
+Zend_Crypt_Hmac
+Zend_Crypt_Xtea
+Zend_Math_BigInteger
+
+An actual Zend_Service_Openid would need all of the above as well as
general file parsers. I was looking for an opinion as to whether these are
acceptable as individual proposals. It seems to make sense rendering OpenID
into it's reusable constituent parts rather lumping everything (and
inevitably burying/hiding it) into the Openid namespace. I don't want to go
spamming the wiki with 6+ proposals until I get a little feedback either :).
+
+Any thoughts/comments on this, or OpenID in the ZF in general, are
appreciated. :) The primary goal is to implement OpenID 1.1 and 2.0 to the
extent necessary to authenticate. The basis of an OpenID server can be
considered after.
+
+
+JanRain code:
+I dug through the JanRain code quite a bit, and it's a bit bloated and
sloppy, but I think that's just a side-effect of the library having been
ported to a number of different languages, and clearly PHP wasn't the
original. You might also be interested in Wez's much simpler code:
+
+http://netevil.org/node.php?nid=949
+
+Unless you're in an environment where you can apply his patch, you can only
implement the dumb mode (or do all of that big number math in PHP, which
seems wasteful and error-prone). I was hoping the JanRain library would just
work, since Wez's patch won't be an option for most people until the next
public release of PHP.

 ++ Resources

 * http://openid.net/developers/
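Review bot: The text added under "+++ Notes" is first-person prose about a different project ("port to the framework", "OpenID in the ZF", a proposed Zend_Service_Openid) with no attribution or source link, so on this page it reads as Horde's own plan and as the page author's words. Please mark it as a quotation, name who wrote it and where it was posted, and do the same for the "JanRain code:" paragraph, which switches to another voice without saying so. The six Zend_* component names would also read better as " * " list items, matching the list style used under Resources, with a sentence stating which of them Horde would actually need.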
@@ -22,8 +49,24 @@
 * http://wiki.guruj.net/Clamshell!Home
 * http://openidenabled.com/php-standalone-openid-server
 * http://www.plaxo.com/api/openid_recipe
 * http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers
+
+http://www.openidenabled.com/openid/libraries/php
+http://www.openidenabled.com/resources/openid-test/checkup/
+http://iwantmyopenid.org/bounty
+
+http://www.intertwingly.net/blog/2006/12/28/Unobtrusive-OpenID
+http://intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers
+http://netevil.org/blog/2007/06/howto-set-yourself-up-with-an-openid
+
+http://siege.org/projects/phpMyID/
+
+http://en.wikipedia.org/wiki/OpenID
+http://en.wikipedia.org/wiki/Yadis
+
+http://www.thespanner.co.uk/2007/06/29/openid-security-issues/
+


 ----
 Back to the ((Projects|Project List))
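Review bot: The added links are bare lines rather than " * " items like the existing Resources entries, and http://intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers repeats the entry already listed two lines above the additions (only the "www." differs). Please drop the duplicate, convert the rest to list items, and give each a short label. The thespanner.co.uk "openid-security-issues" link in particular deserves a labelled entry of its own rather than sitting last in an unlabelled run, since it is the only security reference on the page.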

