Use your WordPress Blog as an OpenID


I read about OpenID a while ago, and decided now I have a blog, I should get myself an ID to let me log in to the various sites that support it.

I assumed there would be a WordPress plugin that let me do this, and I quickly found and installed WP-OpenID. To my disappointment I discovered that this plugin only adds the option for visitors to login using their OpenID, but not to use my blog as an OpenID. This does mean if you want to comment you can sign in with your OpenID however!

There are lots of 3rd party OpenID providers, and in fact I probably have more than one through other sites, but I wanted to keep everything separate from other providers, so I decided to set up my own.

Now, from here on, I am not reliant on WordPress, and this applies to any homepage or blog, whatever the platform. This is why I didn’t find many useful search results when searching for WordPress OpenID providers/plugins.

The solution is to install a little PHP application called phpMyID. There are lots of other blog posts that describe this process, but I will put a quick summary of what I did here. This assumes basic PHP/technical knowledge.

Firstly I downloaded phpMyID from here and unzipped it. The readme is pretty good – read it! I renamed MyID.config.php to index.php since I put it in it’s own directory (in fact own sub-domain: openid.robferrer.co.uk). Note, somewhat unusually, the config file is the main file which should be loaded, and is not included by another file as you would find in many other apps.

The readme tells you to upload the files and visit them. In fact this is only required if you are running PHP in safe mode, but I did it anyway (I also noticed a PHP error, but I’ll mention that later).

Follow the instructions to create the MD5 hash. I did this on a linux command line, and don’t like entering plain text passwords directly because it stays in the history. I could probably have worked out another way of typing the command, but the easiest solution is just to type ‘history -c’ after you’re done to clear the history.

I mentioned that I had a php error. This seems to be any configuration options that aren’t set (left as default). It works ok, but may (depending on your server settings) display warnings which prevents the headers being modified. The simplest solution to this is to turn off error/warning display in the php settings or (as I did), add the line “error_reporting(0);” to the top of your config file.

Other changes I made were to turn paranoid mode on (this asks you each time if you want to share your ‘identity’ with a site), and set up the sreg array with my details (to save you looking it up, the UK timezone is ‘Europe/London’, and country is ‘GB’). I’ll leave it up to you to decide how much of this information you want to fill in, bearing in mind any site which you log in to will be able to read it. I also set the idp_url, but it’s probably not needed

Re-upload the files and check you can log in. You may have to use the .htaccess (I didn’t), see the readme.

Finally, you presumably don’t want to enter your phpMyID url when you log in to a site, so put the following tags in to your homepage header:
<link rel=”openid.server” href=”http://openid.robferrer.co.uk/” />
<link rel=”openid.delegate” href=”http://openid.robferrer.co.uk/” />
(obviously replace http://openid.robferrer.co.uk/ with the URL of your phpMyID installation). If you want to use your blog URL, edit the WordPress header in Presentation->Theme Editor. You should now be able to enter your blog or homepage URL on any site that supports OpenID.

I had a small issue that stopped me logging in as www.robferrer.co.uk instead of openid.robferrer.co.uk. Not sure what the issue was. but this seems to be ok now using the settings described above.

I hope this helps someone searching for the same things as me!


Leave a Reply

Your email address will not be published. Required fields are marked *