Why does OpenID look so hard to implement?

I read through this post:

How do I implement Direct Identity based OpenID authentication with Zend OpenID

Why does it lo开发者_如何学编程ok so complicated to implement?

IMO, it's just to send request to a remote site and retrieve the response.

What's the problem those OpenID libraries are dealing with?

Well, there's more than one request involved, you need to establish association, send user to OP, verify the response, but no, it's not hard to implement, it is sometimes hard to get the picture of what's going on.

So, to answer your questions:

1. It looks hard to implement, because you need to understand the flow.

2. If you call (1) a problem, then it's what libraries attempt to deal with by putting most of the implementation details together.