I've been banging my head against the wall trying to add openid to my PHP webapp, but none of the libraries provided seem to do it in a clean and simple way.
Is there any way to implement openid SSO without being forced into more design choices than is necessary?
The janrain library - being the most popular - is also the most unwieldy, although it seems to be the only one getting significant maintenance. Aside from lacking a clear and simple tutorial, it also imposes some strange filesystem requirements and code dependencies.
Any and all suggestions are welcome. I realize I'm interacting with other servers and that redirects and callbacks are required. Please bear in mind, this isn't my main complaint, I understand the nature of what I'm working with.
I just wish it was easier and more clearly laid out!
Is OpenID Dead? Yes, OpenID is an obsolete standard that is no longer supported by the OpenID Foundation.
If your organization uses an API-centered architecture, OIDC will provide a better experience for users of native and single-page applications. OIDC is lightweight and more performance-friendly than SAML. For large enterprises that require a higher level of security, SAML might be the better choice.
OpenID lacks user authorization data (such as permissions) and focuses primarily on identity assertion. SAML is an identity data exchange and is very feature-rich. Authentication is decentralized with OpenID. SAML uses assertions versus the OpenID and OAuth architecture of ID tokens.
If you're using PHP5, I suggest trying LightOpenID.
I use the Zend openid library (best of a bad bunch), but it doesn't support all the latest openid features - not found a perfect implementation yet tbh..
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With