Using OpenID SSO mechanism to retrieve your visitor's details
Recently I got interested in allowing people to add feedback, but from previous experience I noticed that such feedback mechanisms will allow spammers to compromise the site contents.
And to mitigate the situation, I had until recently two solutions:
- using Captcha mechanisms;
- using external APIs to validate if the comment is a spam or not.
Now I decided to implement an
OpenID mechanism, allowing people to log in with their already-existing credentials from Google, Yahoo, and other providers.
For this I found on the internet the
http://gitorious.org/lightopenid API which will help me authenticate the consumers with their
OpenID account.
So, inside the
LightOpenID class I defined few blocks.
This statement is executed every time the page is loaded, and it simply will set in my session the contact name and email, according to the authentication protocol.
But getting the name and email are not trivial task, for which I defined a
getContactDetails() method inside that class.
This function,
getContactDetails will return an array containing the email and the name (friendly, full name, or email, whichever is available, preferably the first).
How can be seen in the fist statement, I used a function
getAllProviders that will return me all the identity providers recognized by my site. The code for this function is
getAllProviders.
Finally, all this functionality is used in the PHP page, as in
Usage.php.
The code is functioning for the moment only on
http://my.sorescu.eu.
Have fun coding!