Sure, I'm way behind the times, and a lot of my knowledge is obsolete... but I'll bet I'm not the only one who's read the OpenID specs over and over without having a clue what some of the various items mean. How about 4.1.2 "Response Parameters", in the 1.1 spec, for example? Look at mac_key: base64(secret(assoc_handle)). WTF? Granted, once I studied RFC2104 (which, by the way, isn't referenced in section 6, "Normative References"), I figured it out. But what's so hard about saying "mac_key is a randomly-generated 20-byte key, associated with a unique identifier assoc_handle of arbitrary length and contents (as long as it cannot be deduced from the mac_key or any other available information)"?
Also, the fact that two of the most easily found OpenID tests, the one at Winged.info and JanRain's OpenIDenabled.com both barfed without giving any useful information during my testing means that a lot of existing code isn't yet ready for prime-time.
So, as usual, I reinvented the wheel, and rolled my own. Is it complete? No. Is it any better than JanRain's libraries or CJ Niemera's phpMyID? No, in fact it's not as good yet. But what it is, is small and simple, and for some people (twisted, warped souls like myself) it will be more easily read, understood, and extended. So, here's the code, as it currently stands. I'll likely be actively working on it, to make it work correctly and allow use of Thawte Freemail certs.
The current date is Saturday, 20-Apr-2024 08:22:59 EDT
This page was last modified Friday, 06-Feb-2009 18:10:55 EST
Author: John Comeau <jc.unternet.net> (change the first dot to @)