This is the page of the Windows Live ID Authentication WordPress Plugin.
I started messing about with Windows Live ID SDK and PHP in November 2007. My first post detailing the first version of this plugin is at http://www.muscetta.com/2007/11/02/using-live-id-to-authenticate-to-wordpress/
- v0.1 – The first version was very basic and let you authenticate, but that was it. It was necessary to manually edit the database, so it was just a little more than a proof of concept.
- v0.2 – The second version was just a fix to let the plugin work with the new authentication secure cookies in WordPress 2.5. It did not work anymore in 2.3 and older, as I completely changed the code
- v0.3c – this is the first version to include BOTH authentication codes (so it will detect which version of WordPress you are running and will use the correct authentication code). This has only been throughly tested on 2.5 anyway, so the rest should work, but I am not 100% sure about it. Also, this version finally includes a plugin configuration page, so you won't have to manually edit the database to associate your Live ID account with your WordPress account.
- v0.3d – Added the possibility to REMOVE the association between Live ID and WordPress ID, once set, in case you got it wrong and you want to repeat the process, or in case you want to change the Live ID account to be associated with your WordPress acount.
- v0.4 – Update for WordPress 2.7
- register your blog as an application like it is explained at http://msdn2.microsoft.com/en-us/library/bb676626.aspx
- you will get a key for your application.
- When registering your app with Live, the "Return URL" is going to be something like http://<your-blog-url>/wp-content/plugins/liveauth/webauth-handler.php
- You then will have to enter the same key/information you got from the registration process in the Application-Key.xml file. This file should be kept in a directory where it cannot be downloaded from the internet. Use something outside your webroot if you can. Otherwise just set restrictive permissions of the file so that it cannot be downloaded from the Internet. This is very important: access to your secret key in the config file will let an attacker decrypt your cookies and spoof your identity. This recomendation should not be overlooked. Once you selected a location for the Application-Key.xml file, point at this file by modifying the settings.php file.
- Activate the plugin.
- Go to http://<your-blog-url>/wp-content/plugins/liveauth/auth.php
- Log In with your Live ID. you should return to the same page, that will tell you you are logged in to Live but not to WordPress. Take note of your Live ID number from here (as in "select" and "copy" it).
- Click on the link that will let you authenticate with your existing WordPress account. You will be then redirected to the option page for the Live ID plugin.
- Type in or paste the ID you copied in step 7. Submit the form.
- You should be set. Now WordPress knows your Live ID corresponds to your WordPress account.
The information in this weblog is provided "AS IS" with no warranties, and confers no rights. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
Even if I was working at Microsoft at the time I wrote this, THIS WORK WAS NOT ENDORSED AND NOT EVEN CHECKED, AUTHORIZED, SCRUTINIZED NOR APPROVED BY MICROSOFT, AND IT ONLY REPRESENT SOMETHING WHICH I DID IN MY FREE TIME. NO GUARANTEE WHATSOEVER IS GIVEN ON THIS. THE AUTHOR SHALL NOT BE MADE RESPONSIBLE FOR ANY DAMAGE YOU MIGHT INCUR WHEN USING THIS PROGRAM.
This code includes part of the Live ID SDK Sample PHP application, therefore it is subject to the same License and Terms of Service about the ways it can be used and redistributed. In plain english, those terms mean I can't make it GPL, and therefore I cannot add it to the official wordpress plugins gallery, albeit I have been using it for years and works just great – it is just a 'code sample' 😉