Monday, June 16, 2014

Adding OpenID Auth system to cakePHP

Fedora infrastructure currently support openID and Persona (FedAuth). So I have to add openID Auth system in login system.

What is openID?
    OpenID allows to use an existing account to sign in to multiple websites,without needing to create new passwords. With that, password is only given to identity provider, and that provider then confirms the identity of the person to the website he/she visit. So no need to worry about unscrupulous or insecure website compromising visitors identity.

How to handle OpenID in cakephp?

   In this process we need openID library. So here I found openID library for php by janrain and it is licensed under MIT license.
First of all openID library(Auth folder) should be added to app\vendor folder. Then openID component  (OpenidComponent.php) to app\Controller\Component. Then we need a login form.

Next we have to write controller to handle this form. This controller handle following tasks

  • Show the login form.
  • Redirect user to openId provider (when hit submit)
  • Handle the response from OpenID provider.

    Below code is just checks whether openID is successfully authenticated or not.
Above code is modified version of previous userController.php. Here I added Simple Registration Extension(SReg) which retrieve nine commonly requested information
nickname, email, fullname, dob (date of birth), gender, postcode, country, language, and timezone

So that we can retrieve at least few of them and use to identify the user.All request info arrives as an array by post method.
Check the implementation of this in OpenShift.

No comments:

Post a Comment