Wez Furlong gives us good news about implementing the math functions needed to support TypeKey and OpenID more directly within PHP.

Paul also mentions that the Solar framework has also had the Typekey support integrated for a while now (as an adapter) that uses the "big-number math functions" currently available to PHP developers. Wez's solution, however, would just about make those obsolete.

I have a patch (php-openid.diff, for PHP 5, might also apply to PHP 4) for the openssl extension that makes it easier to build OpenID and TypeKey authentication support into your PHP apps. I don't have a canned solution for you to deploy, but I can give you some pointers on how to use these bits. I'm assuming that you know a bit about how OpenID works.

It's broken up into three sections - a look at associating with an OpenID server, performing the actual authentication (including the code for the page they're redirected back to), and an example of using the same functionality to interface with TypeKey.

Why do I have an external authentication mechanism? I don't want to maintain a user database just for my blog. It's more moving parts and requires things like sending email pings to random email addresses and mechanisms for resetting or retrieving a forgotten password. Not to mention that it's yet another username/password to be remembered by the person doing the commenting.

So, instead, he authenticates against the php.net cvs setup for any and all users of his site. He transitions from this over to the main point of the post - his thoughts on authentication, specifically the move towards a more centralized resource to bounce the user's information off of. He mentions TypeKey and OpenID as two technologies that are moving in the right direction.

Bringing it back to PHP, Wez notes that the PHP support for both of these technologies is very lacking, but he's been working on a patch for the openssl extension that could help that significantly.

As astute observers will have realized, the most-recent release of Solar had a new authentication adapter in it: Solar_Auth_Adapter_Typekey.

In this article, I'm going to talk a bit about Solar authentication in general, and then TypeKey authentication in specific.

Paul talks first about authentication in general using Solar, giving a simple code example of using the Solar_Auth class. With that base in place, he moves on to the TypeKey authentication, a more unified method for user validation than just using a seperate login at each site.

He explains what's needed to get the ball rolling and demonstrates a TypeKey login link and the setup for the adapter to validate the user.