Service URI: ex: https://my-profile.eu/

Test your WebID authentication! (verbose)

Something went wrong? Contact us here or please open an issue ticket on the project's github issue tracker.

What is WebIDauth?

WebIDauth is a PHP authentication (or in this case a delegated authentication) service for WebID enabled FOAF profiles. This library is currently powering auth.fcns.eu.

Functionalities

Right now, WebIDauth supports the following functionalities:

How it works

To take an example, the website http://my-profile.eu/ could have a "Login" link on the main page to allow users to authenticate using their webids. This link points to a server which is running WebIDauth, let's say https://auth.my-profile.eu/ and which we will call IdP (Identity Provider) from now on. A typical link would look something like this:

https://auth.my-profile.eu/auth/index.php?authreqissuer=https://my-profile.eu/

What happens next is the IdP will demand a certificate from the browser. From the certificate it will extract the webid URI, then after fetching the foaf profile located at that specific URI it will attempt to match the public key of the certificate with the data found in the foaf profile. If the two match, it will then redirect the user back to the page contained in the authreqissuer variable (the service at https://my-profile.eu/), appending additional information. For compatibility reasons, the variable names are the same with those returned by foafssl.org, hence the URL look like this:
$authreqissuer?webid=$webid&ts=$timeStamp&sig=$URLSignature&referrer=$referer

Where the above variables have the following meanings:
Error responses

In case of error the service gets redirected to the following URL: $authreqissuer?error=$code, where $code can be either one of:
If something goes wrong! / Reporting bugs.

Needless to say that if you run into any problem while using this service, it will be greatly appreciated if you could submit a bug report. Either use this small contact form, or go to the project's space on github.com and open an issue ticket.

Where to get WebIDauth
TODO

* test different formats of webid profiles

This is the server's certificate containing the public key:
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIDBerZMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTIwNDA0MTA0NTEw
WhcNMTMwNDA0MTg1MjI3WjBuMRkwFwYDVQQNExBoWTdENnQ3M1A5Y1B2ckF6MQsw
CQYDVQQGEwJGUjEbMBkGA1UEAxMSYXV0aC5teS1wcm9maWxlLmV1MScwJQYJKoZI
hvcNAQkBFhhwb3N0bWFzdGVyQG15LXByb2ZpbGUuZXUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC9Ix5SIxwgZjGvx63VXYhFU2+A94FXEO7qr1Ri1ZdZ
WUjItBUNvK6JzdFA1oAPYtGMDs/Uev99Ibj4FfUT3R2GYI2WWv1nGZk6zXFN51Z3
2JAXh1XgX1IW47mhVfzR2yy/i31yPn0oOEhyA3R3dYPs3K6HTd1Eng2rtzbYieVK
zamTkVQmyMG2WFmJBbJ5QoCRkGHR5ZnkJ/4jhZF41GyTTW71dcwOb3ITi9GDsSHv
D5jfUTZy5PXN/91H48SdrVVj6KEziD4h7FnPHpgzpsKJt1wehc83EWR89IEeY/dC
62sNz0s1sMg1BNhoqKesdCSUhjEURGyqGUaF7Ge+0baJAgMBAAGjggOxMIIDrTAJ
BgNVHRMEAjAAMAsGA1UdDwQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNV
HQ4EFgQUMM0hTiEKfr0/Lp85d7KgQlBfNgcwHwYDVR0jBBgwFoAU60I00Jiwq5/0
G2sI98xkLu8OLEUwLAYDVR0RBCUwI4ISYXV0aC5teS1wcm9maWxlLmV1gg1teS1w
cm9maWxlLmV1MIICIQYDVR0gBIICGDCCAhQwggIQBgsrBgEEAYG1NwECAjCCAf8w
LgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYw
NAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVkaWF0
ZS5wZGYwgfcGCCsGAQUFBwICMIHqMCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24g
QXV0aG9yaXR5MAMCAQEagb5UaGlzIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNj
b3JkaW5nIHRvIHRoZSBDbGFzcyAxIFZhbGlkYXRpb24gcmVxdWlyZW1lbnRzIG9m
IHRoZSBTdGFydENvbSBDQSBwb2xpY3ksIHJlbGlhbmNlIG9ubHkgZm9yIHRoZSBp
bnRlbmRlZCBwdXJwb3NlIGluIGNvbXBsaWFuY2Ugb2YgdGhlIHJlbHlpbmcgcGFy
dHkgb2JsaWdhdGlvbnMuMIGcBggrBgEFBQcCAjCBjzAnFiBTdGFydENvbSBDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eTADAgECGmRMaWFiaWxpdHkgYW5kIHdhcnJhbnRp
ZXMgYXJlIGxpbWl0ZWQhIFNlZSBzZWN0aW9uICJMZWdhbCBhbmQgTGltaXRhdGlv
bnMiIG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3kuMDUGA1UdHwQuMCwwKqAooCaG
JGh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydDEtY3JsLmNybDCBjgYIKwYBBQUH
AQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29jc3Auc3RhcnRzc2wuY29tL3N1
Yi9jbGFzczEvc2VydmVyL2NhMEIGCCsGAQUFBzAChjZodHRwOi8vYWlhLnN0YXJ0
c3NsLmNvbS9jZXJ0cy9zdWIuY2xhc3MxLnNlcnZlci5jYS5jcnQwIwYDVR0SBBww
GoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMA0GCSqGSIb3DQEBBQUAA4IBAQBp
JFAAxZ2gzThBLAGITaUqXBLMgauQQkFjK6AwmPXu3XxDpxAsXTM6ce0DpwOjDWXQ
CCvF8pydSUKBIwuGN8BcQaC5qnyHamc62YO5Q+VkHbRcLyCB/zqjsOO2+G75AZf9
Z9PIzHUFTxIO2rWu76K6IT8vIpjiIwfF5r5irPOzjbWTFTCQwbhBCF7XdMPlma6d
UFGtn+/N7Hg5F/TPHdI7z/oJIkTP79h73+H9Nv6OD7DKIMWZBfvwR9vNIxvaLOMW
0uxmn9nSfUiAHli5nhvI6gAk1JJf31sOkWmd66KIQzC4pR+GRjPzdmbZpXCjqbjq
rsXEfOCMHw9T3c5vV5qy
-----END CERTIFICATE-----

Last updated April 4th 2012