Sunday, February 27, 2011

An example of OpenID, Facebook and Twitter authentication in Zend Framework 1.11

This is an example Zend Framework 1.11.3 application that uses OpenID (Google,
Yahoo, MyOpenId, AOL, OpenId) as well as Facebook Connect and Twitter Oauth for
authentication of users.

During authentication, information about a user (e.g. an email or a country) is fetched from the authentication provider.

Zend Framework 1.11 does not have a very good support for OpenID, not mentioning Facebook Connect and Twitter Oauth. Thus, to make it all work the following elements were used:
In some cases slight modifications to the above elements were made.

The demo of this application is here , while the source code is at GitHub. The user authentication is performed in a loginAction in UserController.php.

Hopefully, this example application will be useful to others as it was for me.


  1. Great post! I made something similar myself, maybe we can join forces to create a proposal and add this things to zend framework, what you think?

  2. @nebiros
    I'm glad you like it. You can use the example for making the proposal. However, won't ZF 2 support these authentication providers? I know that with ZF 1.11 is a problem.

  3. Anonymous7:28 AM

    Iam using ZF 1.11. Below is demo url:

    When I type,, it always gets back to site page, with amessage "Authentication Failed. You are not logged in". I have checked, time and again, keys and secrets of both Facebook and Twitetr, both are correct.

    Can you guide me, what and where Iam doing wrong.

    Thanks in advance

  4. @Anonymous.

    I see you modified the login page. Without seeing the modified source code I cannot tell you what's happening.

  5. Anonymous11:31 AM

    can you please provide the one URL which is working at your site.

  6. @Anonymous. Thanks for the suggestion. I'll try to create some dummy accounts that can be used to test the app.

  7. Hi,

    Thanks for this post, it is really a great help as I am working on a project implementing this. I however have a problem. While Facebook and Twitter are working normally, I am encountering redirect loop with Gmail and Yahoo after the user supplies their login details at the providers site. I have gone through the code many times and I can't seem to understand where the problem is...

  8. This comment has been removed by the author.

  9. @Steve Popoola
    I seet at that you modified the code of the example. Without more details its difficult to say what is the cause of your problem.

  10. Hey man.. im having problems with google profile !!

    In your demo, logins fails too!

    At my site in debug mode i have problems to save an discovery file on tmp folder!
    U have this problem too ?

  11. @pSy vito
    Hi. Could you provide more details what's happening. Are you getting any exceptions, error messages etc.

  12. Thank you for this post.
    While Facebook works normally, I have some trouble with Twitter.
    When the session expires or the user signs out application, does the app have to take the user through the whole OAuth process from the beginning next time they want to sign in?

  13. @Oleg.
    My demo is just a basic example. Of course, you could avoid taking the user through the whole OAuth process next time by setting e.g. a cookie.

  14. Hello,
    I'm trying to implement their adapter, google and yahoo,
    but am having no success, it returns me
    only the message "Redirection faild, "would have forgotten something,
    just put the controller if the js, imgs,. ini, the adapter configured openid bootstrap, since I do not know what to do, help me?

  15. Anonymous5:52 PM

    For google and yahoo you need to patch Zend_OpenId_Consumer. Have a look at source code. it is at github.

  16. Anonymous7:29 PM

    Hi, the twitter and google work great but I think the facebook is now broken since they switched authentication - can't login via fbook in the demo. Awesome source but thought I'd give you a heads up.

  17. @Anonymous
    Thanks for the info about changes in facebook authentication. I fixed this problem. I only needed to update zfopenid details in my facebook developer website.

  18. Anonymous1:10 PM

    Thanks, nice post

  19. Anonymous1:52 PM

    Am trying to login with, on the demo and none of them seems to be working. Please help me out with a lead.

  20. @Anonymous

    Do you get any error messages? I cannot replicate the problem. I would help me a lot if you could provide some more info.

  21. For Google OpenID:

    First, in the _discovery method add the following on the series of preg_match checks that starts at around line 740.

    } else if (preg_match('/([^<]+)<\/URI>/i', $response, $r)) {
    $version = 2.0;
    $server = $r[1];

    For me, that's all. But, if for you doesn't work, i'm show all information page:

    This is a ZF Issue:

  22. Anonymous3:37 AM

    i have problem with facebook login, i created a facebook application and given the appcode and key , its going to fb url and returning only access token. what i have to do???
    plz help....

  23. Anonymous10:01 PM

    Excellent resource. thanks you very much.

  24. Hello,

    How can I retrieve information from the user when the login and authorization is performed?


  25. Anonymous10:21 AM

    I'm trying to run the example code exactly the way it comes out of github. I'm getting this error:

    "Fatal error: Cannot use object of type stdClass as array in /application/controllers/IndexController.php on line 22"

    Anyone know how to fix this error?

  26. Thanks so much for this post, I did exactly what you did and it works great I wish you'd add the verification part as well sometime

  27. Thanks for the great exmaple.
    It really helped me al lot!
    But is there any possibility to use a popup for authentification?

  28. Avinash4:27 AM

    I am getting this error.

    Catchable fatal error: Object of class stdClass could not be converted to string in application\views\scripts\_partial\properties.phtml on line 3

  29. Anonymous3:37 AM


  30. Anonymous7:39 PM

    This comment has been removed by a blog administrator.

  31. Anonymous2:09 PM

    This comment has been removed by a blog administrator.

  32. Anonymous7:00 AM

    This comment has been removed by a blog administrator.

  33. I am trying to login with facebook, but after I log in, it responses "This webpage is not available". I found problem in UserController "$result = $auth->authenticate($adapter);"
    Can you help me?