Since I last looked at phpMyId, it has progressed from version 0.3 to version 0.7. A number of changes occurred.
For starters, the code has been split into two files, MyID.config.php and MyID.php. The idea is that the former is the only file a typical user would need to modify. I just don’t happen to be a typical user. :-)
Decrufting is still possible, simply rename MyID.config.php to index.php, and add a line to the $GLOBALS['profile'] section like this one:
'idp_url' => 'http://intertwingly.net/id/'
With this version of phpMyId, the server and delegate URIs must match, so if you use traditional autodiscovery approach, both the openid.server and openid.delegate links will need to be present. In the YADIS file, simply make the openid:Delegate and URI elements match.
I briefly looked into adding a delegate_for profile option, whose value would be a regular expression of URIs that this service would vouch for. Unfortunately, this would require that the code base be more careful about keeping these two values separate. As I still have my 0.3-based identity around, I simply have the autodiscovery link point to my 0.3 identify (for old clients), and have my YADIS file point to my 0.7-based identify (for new clients).
The most significant change was that this codebase uses HTML based refreshes in place of HTTP redirects in more places. The HTML page itself is hardcoded, spartan, and (to my tastes) unnecessarily distracting when used in the normal flow of a successful login. I made the following changes to my copy to address this:
Returning to this venue, after long hiatus: hi! Today’s topic: So You Want To Get You One Of Them OpenIDs. And, you’re the sort of rugged DIY nerdo who hosts his own sites; and, you’re the sort of cheapskate who uses Dreamhost to...
I had been flirting with setting up an OpenID for a while, and finally got around to it--thanks for the guidance. One thing about decrufting: I had to use the .htaccess files with my hosting, so instead of renaming anything, I just added
to the .htacces file. How do you like YADIS? There are weakness to your Mod_Rewrite rules for it: you should set the Vary: Accept header, and what if, for some reason, Web browsers add application/xrds+xml to their accept headers?
As I have been spending all day investigating all the different ways of securing a Web API (oAuth mainly) and all kind of user authentications (WSSE, AuthSub, OpenID), I decided to try out OpenID (especially since Yahoo announced their support and...
Hi - can I suggest adding somewhere a place to test your login, its hard to find anywhere - not on OpenId site or anywhere else to just type in an OpenId and see if it works.
I had a configuration error and Blogger just kept telling my I had an OpenId Failure (even worse it told me in German as that is where I am today!) but I had no idea if the problem was that it wanted the URL different or what.