I want to play with OpenID support in Yii.
After researching for possible plugins, I found these two. One for OpenidSelector and one for LightOpenId
http://www.yiiframework.com/extension/simpleopenidselector/
http://www.yiiframework.com/extension/loid
Are these the right extensions to use in Yii for OpenId support? Anything else?
And I would like to get some guide line on what to do with these extensions if they are correct.
This is what I think I need to do beside installing them as per instructions on the page.
- Create OpenIdUserIdentity extends CUserIdentity and put the authenticate() code there
- Create a login page and put the simpleopenidselector code in a view.
- Create a actionOpenIdLogin methon in siteController
then I am kind of lost as I don't understand the Usage sample in Loid and I am not sure how to do (1) and (3) above.
Please let me know if I am on the right track and possibly provide some guidance. Thanks.
After playing with it for awhile, I am going to answer my own question. This is how I make it to work, so you can change it according to your needs.
Note: I use a userController instead of the siteController and please follow all the instructions in the respective extension page.
If you used the two plugins as indicated above, then what you need to do next to make it work are the followings: (this is a step by step guide)
But the most important steps are 2c and 3, they are the glue to both plugins
1) Have a login page that uses the OpenidSelector. Place it at views/user/login.php
<?php
$this->widget('application.extensions.openidProviders.openidProviders',
array ( 'options' => array ( 'lang' => 'en',
// 'demo' => 'js:true',
'cookie_expires' => 6*30,
)));?>
2) Setup actions to handle the selection from the openidSelector. I put this in the userController.
a) In main config file.
'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'loginUrl' => array('/user/login'), //change the default login page
),
b) In userController file, add login and authenticate actions
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('login', 'authenticate'),
Code for action #1 actionLogin - this is to trigger the login view page.
public function actionLogin()
{
// display the login form
$this->render('login',array());
}
c) Code for action #2 actionAuthenticate - code modified from the LOID instruction page, this is to handle when an OpenIDProvider is selected in the login page.
public function actionAuthenticate ()
{
// Put the Simple usage: code on
// http://www.yiiframework.com/extension/loid here:
// Code from loid Simple usage page.
// START HERE
$loid = Yii::app()->loid->load();
if (!empty($_GET['openid_mode'])) {
if ($_GET['openid_mode'] == 'cancel') {
$err = Yii::t('core', 'Authorization cancelled');
} else {
try {
echo $loid->validate() ? 'Logged in.' : 'Failed';
} catch (Exception $e) {
$err = Yii::t('core', $e->getMessage());
}
}
if(!empty($err)) echo $err;
} else {
// **NOTE:Comment out this line from the loid sample page**
// $loid->identity = "http://my.openid.identifier"; //Setting identifier
// this openid_identifier is need after you click the openselector
$loid->identity = $_GET['openid_identifier']; // CHANGE HERE
$loid->required = array('namePerson/friendly', 'contact/email'); //Try to get info from openid provider
$loid->realm = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];
$loid->returnUrl = $loid->realm . $_SERVER['REQUEST_URI']; //getting return URL
if (empty($err)) {
try {
$url = $loid->authUrl();
$this->redirect($url);
} catch (Exception $e) {
$err = Yii::t('core', $e->getMessage());
}
}
}
// Code from loid Simple usage page.
// END HERE
}
3) Change the action URL to Authenticate in the openidProviders/views/main-en.php
Change
form action="examples/consumer/try_auth.php" method="get" id="openid_form"
to
form action="authenticate" method="get" id="openid_form"
That should be it. Haven't tested failure case, only tested with google login.
There is YiiAuth now, which makes use of the HybridAuth library.