

Opauth: Multi-provider authentication framework for PHP, inspired by OmniAuth - uzyn
http://opauth.org
Just released v0.1.0 today. 
https://github.com/uzyn/opauth<p>If you are familiar with OmniAuth for Ruby, Opauth basically does the same thing, except for PHP.<p>Gave a talk on it today at Singapore PHP User Group. My deck: https://speakerdeck.com/u/uzyn/p/opauth-an-introduction<p>Opauth is still very new and I still need to work on the documentations a lot, especially tutorials and the wiki.
======
uzyn
Just released v0.1.0 today. <https://github.com/uzyn/opauth>

If you are familiar with OmniAuth for Ruby, Opauth basically does the same
thing, except for PHP.

Gave a talk on it today at Singapore PHP User Group. My deck:
<https://speakerdeck.com/u/uzyn/p/opauth-an-introduction>

Opauth is still very new and I still need to work on the documentations a lot,
especially tutorials and the wiki.

~~~
prplhaz4
Have you seen hybridauth before? <http://hybridauth.sourceforge.net/>

If so any differentiators that would help us choose?

------
fryguy
I really wish this was around 2 years ago when I made a site that used openid
in PHP. I've dealt with so many nighmares of it I just threw it all away and
now send people an email every time they want to log in. How do you deal with
supporting every different little configuration of PHP servers? I had huge
problems with having to put a hack into the code for lightopenid in order for
it to work on my webhost, but that hack broke it on my machine.

~~~
uzyn
I set a minimum requirement of Opauth Core to be PHP >= 5.2 (though
technically it runs fine on >= 5.0) and tries as best as I could to not
introduce any unnecessary dependencies, which is the reason why cURL isn't
bundled and basic HTTP calls are made through get_file_contents(); and hashing
is done through iterations of salted sha1() instead of bundling 3rd party
encryption scheme.

Yes, file_get_contents() is not that great, but strategy developers can choose
to require cURL if they want, just that Opauth Core doesn't require it.

~~~
rmccue
I'm the developer of Requests (<https://requests.ryanmccue.info/>) which might
be something for you to consider bundling with Opauth. There's a whole host of
problems with using file_get_contents on various hosts, hence why cURL is so
often used.

~~~
uzyn
Thanks for that. Requests looks interesting. Opauth can consider bundling that
to the core and replace my simple wrappers of file_get_contents().

------
lux
Thanks, this looks pretty awesome! Also posted it to r/php as well:

[http://www.reddit.com/r/PHP/comments/tzil2/opauth_multiprovi...](http://www.reddit.com/r/PHP/comments/tzil2/opauth_multiprovider_authentication_framework_for/)

Now to go play with it some more... :)

~~~
uzyn
Thanks for cross-posting it at Reddit. I'm statix on Reddit and just left a
comment at your post. :)

~~~
lux
No prob :) And good job, this looks really useful!

A few months back I had to integrate the usual auth providers and was it ever
a hunt to find the best scripts for it. I ended up with tmhOAuth for Twitter,
LightOpenID for OpenID and Google, and handling Facebook somewhat manually.
Will be seriously looking at this as a replacement, and for my next project
too.

------
FLX
Nice, is there a Wordpress plugin in the works? I'm sure that a lot of people
would be interested in this.

~~~
uzyn
That's definitely one of the top frameworks/CMS to support. I'll get on with
it if no one has started when I'm done with CakePHP-Opauth and Opauth's
documentations.

~~~
FLX
Awesome, thanks! I've been dying to switch off RPXnow :)

------
hongster
Standardize interface for all OAuth providers. Extensible.

~~~
uzyn
Not really just OAuth but it should work with even proprietary authentication
providers as long as there is a compatible Opauth strategy for it.

------
miccheng
Excellent library - has lotsa potential!

