OpenID component for CakePHP

A component for authenticating with OpenID. Also supports Email Address to URL Transformation (EAUT).

Updates

• 2009-05-04: Adding cleanup() method
• 2008-11-10: Applying patch by Florian Fritz. It is now no longer necessary to modify the OpenID library. Thanks to Florian!
• 2008-08-27: Adding support for MySQL
• 2008-08-09: Adding support for Email Address to URL Transformation (EAUT)
• 2008-06-09: Renaming parameter of OpenidComponent::getResponse() to use the same term as is used in version 2.1.0 of the OpenID library
• 2008-06-06: Minor changes to avoid deprecation messages with CakePHP 1.2 RC1
• 2008-02-06: Component updated for PHP OpenID 2.0.0, not compatible with earlier versions due to API changes
• 2007-03-02: Fixing “No XML parser” error by providing a slightly modified version of the OpenID library
• 2007-02-23: Fixing a bug with path separators on Windows (thanks to Simon Jackson for reporting it)

Development

• http://github.com/cakebaker/openid-component

Requirements

• CakePHP 1.2 (not tested with CakePHP 1.1.x.x)
• PHP5
• PHP OpenID Library 2.1.x (version 2.0.1 also works)
• EAUT library (optional)

License

• MIT

Donations

• If this component is useful for you, please consider to leave a donation. Thank you!
  

Installation

• Download the OpenID component
• Copy the file from the zip to “app/controllers/components”
• Download the PHP OpenID Library 2.1.x
• Copy the “Auth” folder from the zip to one of your “vendors” folders
• In “Auth/OpenID/Consumer.php” replace This step is no longer necessary with the latest version of the OpenID component.

  if (Auth_OpenID::arrayGet($q, $key) != $value) {
  

  on line 922 with

  if ($key != 'url' && Auth_OpenID::arrayGet($q, $key) != $value) {
  

• If you want support for EAUT, download the EAUT library and place Email.php in the Auth/Yadis folder
• Add the component to the $components array of your controller(s) with:

  public $components = array('Openid');
  

Example usage

Login form (app/views/users/login.ctp):

<?php
if (isset($message)) {
    echo '<p class="error">'.$message.'</p>';
}
echo $form->create('User', array('type' => 'post', 'action' => 'login'));
echo $form->input('OpenidUrl.openid', array('label' => false));
echo $form->end('Login');
?>

And the controller (app/controllers/users_controller.php):

class UsersController extends AppController {
    public $components = array('Openid');
    public $uses = array();

    public function login() {
        $returnTo = 'http://'.$_SERVER['SERVER_NAME'].'/users/login';

        if (!empty($this->data)) {
            try {
                $this->Openid->authenticate($this->data['OpenidUrl']['openid'], $returnTo, 'http://'.$_SERVER['SERVER_NAME']);
            } catch (InvalidArgumentException $e) {
                $this->setMessage('Invalid OpenID');
            } catch (Exception $e) {
                $this->setMessage($e->getMessage());
            }
        } elseif (count($_GET) > 1) {
            $response = $this->Openid->getResponse($returnTo);

            if ($response->status == Auth_OpenID_CANCEL) {
                $this->setMessage('Verification cancelled');
            } elseif ($response->status == Auth_OpenID_FAILURE) {
                $this->setMessage('OpenID verification failed: '.$response->message);
            } elseif ($response->status == Auth_OpenID_SUCCESS) {
                echo 'successfully authenticated!';
                exit;
            }
        }
    }

    private function setMessage($message) {
        $this->set('message', $message);
    }
}