Accepting the Google OpenID with PHP OpenID

Published on and tagged with openid  php

If you are using the PHP OpenID library (which is also used by my OpenID component for CakePHP), it is possible that you get an “Invalid OpenID” error when you try to login with the Google OpenID (https://www.google.com/accounts/o8/id), or any other OpenID that uses “https”.

In this case, the following steps might help to fix this issue:

  • Ensure you have Curl and OpenSSL installed
  • Enable the Curl and OpenSSL extensions in your php.ini (on Archlinux this file is found in /etc/php/):
    extension=curl.so
    extension=openssl.so
    
  • Restart your web server

Now the error message should disappear and you should be able to log in with the Google OpenID.

—-

That’s it for 2009. It was a rather lazy year on this blog from my side (I didn’t even manage to do a redesign…), and so I hope I will be a bit less lazy with writing on this blog in 2010.

Anyway, thank you for reading this blog, and for all your comments and emails. A Happy New Year everyone & cu in 2010 :)

10 comments baked

  • vivanno.com::aggregator » Archive » OpenID Google avec PHP OpenID

    [...]  Accepting the Google OpenID with PHP OpenID () [...]

  • OpenID Google avec PHP OpenID | traffic-internet.net

    [...]  Accepting the Google OpenID with PHP OpenID (0 visite) [...]

  • Brendon Kozlowski

    I recently had a similar issue when trying to access the Prowl (prowl.weks.net) service with PHP over SSL. It didn’t occur to me that I needed to enable openssl in my php.ini file. It took me about 7 hours to accidentally stumble upon that. Unlike the PHP Open ID library, I wasn’t getting any error message, the return payload was simply null.

    How long did it take you to find this out?

  • cakebaker

    @Brendon: Thanks for your comment!

    It took me quite a while to figure out this thing ;-)

  • Steinkel

    Can I test the component from localhost or do I need to setup a real domain name to correctly test it ?

  • cakebaker

    @Steinkel: It should work from localhost. Do you encounter any problems?

  • Yura

    That’s great, but is there anything else you could think of that would give the same error?
    The example application works great for me on my localhost, but when i try it on my server it gives me “Invalid OpenID” message when I try a google openid. It authenticates with yahoo, but not google.
    I’ve double checked and phpinfo shows curl and openssl to be enabled.

  • cakebaker

    @Yura: Thanks for your comment.

    According to an answer on stackoverflow it is possible that the ca-certificates package is not installed. There is also a hack mentioned, though I would first check whether the ca-certificates are there.

    Hope this helps!

  • Marcos

    Hello,

    I’m trying to use the component and em get the message “Invalid OpenID.” I’m trying the compoenente on a local server linux Apache, PHP 5.3.3 with OpenSSL enabled and Curl enabled.

    I tried it with a Google Account. This is my code.

    class UsersController extends AppController {
    	public $components = array('Openid'=> array('accept_google_apps' => true), 'RequestHandler');
    	public $uses = array();
    
    	public function login() {
    		$realm = 'http://' . $_SERVER['HTTP_HOST'].'/marcos.fermin/DESARROLLO/tasktucu';
    		$returnTo = $realm . '/index.php/users/login';
    
    		if ($this->RequestHandler->isPost() && !$this->Openid->isOpenIDResponse()) {
    			try {
    				echo $this->data['OpenidUrl']['openid'].", $returnTo, $realm";
    				$this->Openid->authenticate($this->data['OpenidUrl']['openid'], $returnTo, $realm);
    			} catch (InvalidArgumentException $e) {
    				$this->set('error', /*'Invalid OpenID'*/ $e->getMessage());
    			} catch (Exception $e) {
    				$this->set('error', $e->getMessage());
    			}
    		} elseif ($this->Openid->isOpenIDResponse()) {
    			$response = $this->Openid->getResponse($returnTo);
    
    			if ($response->status == Auth_OpenID_CANCEL) {
    				$this->set('error', 'Verification cancelled');
    			} elseif ($response->status == Auth_OpenID_FAILURE) {
    				$this->set('error', 'OpenID verification failed: '.$response->message);
    			} elseif ($response->status == Auth_OpenID_SUCCESS) {
    				echo 'successfully authenticated!';
    				exit;
    			}
    		}
    	}
    }

    Apparently, I have everything configured properly, why do I get the error “Invalid OpenID”?

    Regards!

  • cakebaker

    @Marcos: Does it work with other OpenIDs (e.g. from MyOpenid.com) if you set “accept_google_apps” to false?

Bake a comment




(for code please use <code>...</code> [no escaping necessary])

© daniel hofstetter. Licensed under a Creative Commons License