I've tried to use different libraries, but had no luck because of lack of documentation for them. Finally, I got Simple OpenID PHP Class and it's working, but...
I have a login form, where user enters his openid url and than he is redirected to openid server to allow access. When user is back from server I receive success response, assoc key and a sig. That's all.
Now I don't know what to do next. I probably need to set up a cookie at my server, but I don't know which info to store at the cookie (is it just url, or sig, or assoc key?). Later, when user is browsing thru pages on my site, I need to check if he is authenticated (he probably could go to his openid server and remove my site from allowed list, so I need to check auth every time) - but again, I don't know which mode to use and which params do I have to send to server. And I also need to do something with those Heffie encryption, I think.
I have subscribed to a mailing list at openidenabled.com. There are lot of people who can answer any questions. I have cleared all my concerns and soon will be done with openid integration.
Bookmarks