phpMyID 0.6

phpMyID is a small, fairly lightweight, standalone, single-user Identity Provider for OpenID authentication.
OpenID is an open, decentralized, free framework for user-centric digital identity (I stole that from their website). But what does it mean? Well, basically OpenID is a way to authenticate yourself to various places (websites) by verifying your identity as the owner of a particular URL (say, a website of your own).
Instead of giving a username and password to a login form, you just give it your URL. Youre then directed to your "identity provider" to log in, and when it authenticates you, you go back to the site you were orignally trying to get into. Why this is good or bad, and what the actual implications of it are... well, thats all mostly outta scope as far as phpMyID is concerned. Suffice it to say, phpMyID acts as an "identity provider" so you can log in to OpenID enabled sites.
From a user point of view, OpenID is a neat concept, but it has a few flaws. For example, when I wanted to actually, yknow, get an OpenID thingie of my own so I could log into OpenID sites, I found there was no satisfactory way to get one. My options were:
Download a ready made application to handle serving up identities and create myself an account in it. - There arent many of these, and what few there are seem to be geared towards multi-user setups. Since theres only one of me, this option seemed like overkill.
Download a complex set of libraries and build an application to handle serving up my identity. - Again there are not many of these, and what few there are seem a bit overcomplicated for my needs.
Set up an account with a third party provider. - A bad option for me because I really dont like the idea of coupling a theoretically decentralized framework to one of a handfull of third party providers (and giving them my account credentials). Sure, someone who doesnt have their own site and server technology will probably go this way, but not me.
Since I couldnt find the simple solution that I wanted, I did what any [idiot|geek] would do, and created the missing option for myself: a single user OpenID server. phpMyID.
Usage
phpMyID is a single user (though, if you were so inclined, you could easily turn it into a multi-user setup) IdP, or "Identity Provider" for the OpenID framework. Its a single PHP script with minimal dependancies.
You dont need a database, you dont need to make your filesystem writable, you dont need to download any libraries, and you dont need to recompile PHP. Okay, well, you shouldnt need to do any of that.
Installing phpMyID requires an MD5 hashing utility. Why? Because you have to authenticate to it using a password. phpMyID uses HTTP Digest authentication for security and your password must be encrypted when you enter it during installation. Say it with me: "passwords should never be stored or transmitted in plain text" (one of the advantages of phpMyID and OpenID is that they never are).
For Linux or OSX (or any other Unix-like OS), I suggest using OpenSSL to encrypt your password. For Windows, there are a number of utilities available, but I recommend this one by Colin Plumb. Its public domain code, and it will do exactly what you need (yes, the hash it create is all upper-case - dont worry, phpMyID will convert it for you). You can use PHPs md5 function to generate your hash for you on the fly, but I must discourage doing so. Not only does it take all the fun out, but you have to store your password in plain text to make it go.
Complete installation instructions, including examples of how to encrypt your password, are available in the provided README file (heres the svn version).
Enhancements:
- This release should fix the outstanding (known) "bad signature" errors, adds a number of refinements, includes a testing mode, and provides support for a more versatile set of "big math" functions.