How to fetch account data from a provider with LightOpenID?
You need to call getAttributes()
after $openid->validate()
not before.
Remember:
Note that it does not guarantee that any of the required/optional parameters will be present
Get user details from openid
Just read the manual:
http://code.google.com/p/lightopenid/wiki/GettingMoreInformation
$openid->required = array('namePerson/friendly', 'contact/email');
$openid->optional = array('namePerson/first');
before calling $openid->authUrl()!
Then
$openid->validate();
$userinfo = $openid->getAttributes();
$email = $userinfo['contact/email'];
$firstName = $userinfo['namePerson/first'];
Log-in the user with LightOpenID
This script is now working fine from my localhost running apache on my laptop with a wifi connection to the internet.
I've been told that you should pass your domain to the new LightOpenId object when creating it.
$iniConfig
is a parse_ini_file array stored outside the document root where I store all my important variables.
in this case
[openid]
domain='mydomain.com'
So, I create new object and include the domain the server is on:
$openid = new LightOpenID($iniConfig['openid']['domain']);
I wrote it this way, and haven't checked to see if it works without the domain..
Lightopenid and yahoo user email
Exactly the way you tried -- by adding 'contact/email'
to $openid->required
(or optional
).
If a provider doesn't return the email -- that's fine, it doesn't have to. It doesn't mean that the provider doesn't support OpenID, or doesn't support SREG/AX (the OpenID extensions used to fetch the email). It just means that it decided not to send you the email address.
So my advice is: stop depending on that.
OpenID is a decentralized protocol, so there are a lot of providers that won't return email and other data, and you still have to support them. So again: the provider may return whatever data it wants, regardless of what you asked for, so you can't depend on it being returned.
simple openID in php
In OpenID, several requests need to be performed across involved parties to complete the login procedure; a single interaction would not be sufficient. More specifically:
- The browser asks for the login page, you send the form (neither openid_identifier, nor openid_mode are set).
- The user fills in the openid, and submits. You need to start a transaction with the provider, redirecting the user (openid_identifier from the form is set, but openid_mode is not)
- The user is redirected to the provider, logs in, and the provider redirects back to your page. You need to validate that the returned data is authentic, and then use the identifier to actually login the user (e.g. establish session, update UI, etc) (openid_mode will be set to either "id_res", "cancel", or "error").
So the two instantiations of LightOpenID actually belong to separate HTTP requests for cases 2 and 3; in case 1, you don't need a LightOpenID object since you are displaying a static form.
LightOpenID - Provider - Script is stuck at allow once,allow always,cancel
You have probably entered a wrong identity url.
For example, assuming the provider is on provider.example.org:
An incorrect identity would be http://provider.example.org/example-mysql.php
. The provider would ask you for login and password, request authorization, then silently fail, because http://provider.example.org/example-mysql.php
cannot be resolved to any login.
http://provider.example.org/example-mysql.php?Mewp
would be a correct identity for this example.
One way to avoid this is to set $op->select_id = true
when there's no login in the url, which would cause the server to return both claimed_id and identity to the correct url (like google does).
How do I login the user with Yii and OpenID
To use the data from openID as Yii login, you could modify/overwrite the UserIdentity Class (protected/components).
Overwrite the existing authenticate method.
At this point you also can set the current Yii username, like:
$this->username=$openId->username
(where $openId->username
should be replaced by the variable which contains the openID user name)
By overwriting the side/login action, you can call your modified method, like this:
$identity=new UserIdentity("m","m");//where m is dummy
if($identity->authenticate()) {
Yii::app()->user->login($identity);
[...]
}
//Update (because of your comment):
Not sure, if I understand your problem right. But what's about adding a new method in UserIdentity, like authenticateOID(). call this method at the beginning of the original authenticate() method, like so:
if ($this->authenticateOID) {/*set username & return true to end the method here*/}
else {/*original authenticate method from Yii*/}
Inside authenticateOID()
you check if OID authentication is done and/or if the user still in you local "OID - user table"
Google suddenly started to return validation as false using LightOpenId
Other people are saying to enable cURL (which may be your issue), but in my case cURL was enabled.
Some more snooping around and I found out that the request was going through request_streams() due to the following check failing in the function request (formatted for convenience):
if (
function_exists( 'curl_init' ) &&
(
!in_array( 'https', stream_get_wrappers() ) ||
!ini_get( 'safe_mode' ) &&
!ini_get('open_basedir' )
)
) {
Change it to:
if (
function_exists( 'curl_init' ) &&
(
!in_array( 'https', stream_get_wrappers() ) ||
(
!ini_get( 'safe_mode' ) &&
!ini_get( 'open_basedir' )
)
)
) {
Hope this helps.
Edit: Forgot to say that I'm unsure if Google did make some change, but the fact that a lot of people using the same library having the same problem at the same time means something happened, and I can say that most people probably didn't change a thing. Google probably flicked some switch to make something more restrictive/secure.
Related Topics
Is It Acceptable to Use a Mix of Object Oriented Style with Procedural Style in Coding PHP
File Upload PHP $_Files Undefined Index Error
Display Zend_Form_Element_Radio on One Line
Nginx + PHP-Fpm 7.1 - 504 Gateway Time-Out
Get Request from PHP Using File_Get_Contents with Parameters
How to Change the Name of an Element in Dom
How to Get/Set Session_Id() or Should It Be Generated Automatically
Variable Variables in PHP - What Is Their Purpose
How to Call Entity Manager in a Constructor
Http Header for Downloading Microsoft Word and Excel Files
Html2Pdf in PHP - Convert Utilities & Scripts - Examples & Demos
Phpdoc for Variable-Length Arrays of Arguments
Move Value in PHP Array to the Beginning of the Array
How to Store Variable Values Over Multiple Page Loads
Php: Output Data Before and After Sleep()