Reputation: 1108
Zend OpenId provider with custom users
I have a web application with a homemade user module. Users are stored in a MySQL database with passwords binary encoded (by default sha256, however we have support for other algorithms; e.g. password stored as MD5 string).
So far so good, but now we want to act our application as OpenId provider, providing the accounts from our user module.
Since we use Zend Framework i guessed it shouldnt be that hard to write a custom storage adapater using a database backend (i.e. OurNamespace_OpenId_Provider_Storage_Db extends Zend_OpenId_Provider_Storage) however Zend_OpenId_Provider::login(id, password) is delagating to Zend_OpenId_Provider_Storage::checkUser(id, md5(id.password))
So in OurNamespace_OpenId_Provider_Storage_Db::checkUser() the second argument, the password, is provided as md5 string including a salt (openid) which i cannot check in our own user table.. passwords are stored differently...
What would be common/best practice to solve this issue/workaround it?
Thanks in advance!
// Roland
Upvotes: 1
Views: 285
Answers (1)
Reputation: 86
I had the same problem as you. Since we cannot just extend Zend_OpenId_Provider and overwrite checkUser(), I fixed it in an ugly way.
I copied Zend_OpenId_Provider to NameSpace_OpenId_Provider, edited checkUser(), and used that instead.
PS: Somebody filed a bug, maybe we will see something out of it. http://framework.zend.com/issues/browse/ZF-10232
Upvotes: 1
Related Questions
- How do I implement Direct Identity based OpenID authentication with Zend OpenID
- Creating a OpenID Provider in PHP
- Using OpenID without requiring users to know their OpenID url?
- Zend OpenId 2.0 Support
- Using OpenID with Zend Framework
- Login system with one identity but multiple openid's - Does it make sense? How to implement in ZF?
- Zend OpenID with PHP
- Zend Framework Oauth Provider
- Zend Framework OpenID Consumer
- setting up OpenID authentication using Zend_Auth_Adapter_OpenId