Easy OpenID Delegation with Yadis

Lets say you have a site somewhere that you want to use as your openid. The easiest way to delegate OpenID is to put these in your <head>

<link href='http://www.myopenid.com/server' rel='openid.server'/>
<link href='http://ptarjan.myopenid.com/' rel='openid.delegate'/>

That requires that the URL you are putting them on returns HTML. For me, I have a 302 redirect from http://paulisageek.com to http://blog.paulisageek.com so all of my enpoints are getting my identity as http://blog.paulisageek.com. Not what I wanted.

Enter : Yadis. I created a small Yadis file that says the same thing as those link elements. openid.xml.

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)" xmlns:openid="http://openid.net/xmlns/1.0">
<XRD>
    <Service priority="10">
        <Type>http://openid.net/signon/1.0</Type>
        <URI>http://www.myopenid.com/server</URI>
        <openid:Delegate>http://ptarjan.myopenid.com/</openid:Delegate>
    </Service>
    <Service priority="20">
        <Type>http://openid.net/signon/1.0</Type>
        <URI>http://draft.blogger.com/openid-server.g</URI>
        <openid:Delegate>http://paulisageek.blogspot.com/</openid:Delegate>
    </Service>
</XRD>
</xrds:XRDS>

And then redirect it if the HTTP Accept header is application/xrds+xml. This is my index.php on paulisageek.com :

<?php
if (strpos($_SERVER['HTTP_ACCEPT'], "application/xrds+xml") !== FALSE) {
    header("Content-Type: application/xrds+xml");
    echo file_get_contents("openid.xml");
    die();
} else {
    header("Location: http://blog.paulisageek.com");
    die();
}
?>

And Voila, it work as an openid endpoint.

Update: You can also use mod_rewrite to get people to your openid.xml file :

    RewriteCond %{HTTP_ACCEPT} application/xrds\+xml
    RewriteRule .* openid.xml [T=application/xrds+xml,L]

You can replace .* with the urls that you want to be allowed openids, but I intentionally have .* so that I can have unlimited openids for myself.

Posted on 29 June 2009 by Paul Tarjan

If you liked this, you might also like...