What is OpenID? OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing internet technology (URI, HTTP, SSL, Diffie-Hellman) and realizes that people are already creating identities for themselves whether it be at their blog, photostream, profile page, etc. With OpenID you can easily transform one of these … Read more
First I’d like to emphasize the difference between authentication and authorization: A user authenticates to your web site by supplying some credential such as a username+password. OpenID allows this to be displaced by having the user authenticate to another service, which then asserts the user’s identity to your web site on the user’s behalf. Your … Read more
For PHP, I find Zend Framework OpenID Component to be really good. You can also see all available OpenID libraries at this link
I would propose to use the http://code.google.com/p/openid-selector/ library. It has the most used urls + graphics for each site. It is what stackoverflow uses.
Ok figured it out. I posted a question on Goolge’s Federated Log API group and was told to use Attribute exchange. Below is the code for DotNetOpenAuth. Please don’t use this code in production. This is for illustration purposes only! The Request: using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) { IAuthenticationRequest request = openid.CreateRequest(openidurl); var fetch … Read more
UPDATE: see below I’ve been thinking hard about this question too. It’s not entirely clear to me yet but here’s the route I am thinking of going. I am creating a REST API an my users only auth with Facebook connect. On the CLIENT: Use the Facebook API to login and get an OAUTH2 code. … Read more
The one that has proven to work best for me, and which seems most up-to-date is the one over at launchpad. It integrated seamlessly with my application that already utilizes the django.auth module. https://launchpad.net/django-openid-auth To get a copy run: bzr branch lp:django-openid-auth Or install it via PyPI pip install django-openid-auth
Thanks to some other comment on Stackoverflow.com I came to learn about LightOpenId. It is really easy to use. The example code just works(without any configuration): <?php require ‘openid.php’; try { $openid = new LightOpenID; if(!$openid->mode) { if(isset($_POST[‘openid_identifier’])) { $openid->identity = $_POST[‘openid_identifier’]; header(‘Location: ‘ . $openid->authUrl()); } ?> <form action=”” method=”post”> OpenID: <input type=”text” name=”openid_identifier” … Read more
Having not been able to get Uri.EscapeDataString to take on RFC 3986 behavior, I wrote my own RFC 3986 compliant escaping method. It leverages Uri.EscapeDataString, and then ‘upgrades’ the escaping to RFC 3986 compliance. /// <summary> /// The set of characters that are unreserved in RFC 2396 but are NOT unreserved in RFC 3986. /// … Read more