SoC full openid support

From GeeklogWiki
Jump to: navigation, search

This is one of the projects to be implemented during the Google Summer of Code 2009.

Student: Choplair, Mentor: Randy Kolenko

Project info and advancement during Summer of Code

Thomas Gutleben, aka Choplair, has been selected to achieve this project.

The independant OpenID library that needed to be created for the occasion has been named GGGOOOIIIPPP, for "Geeklog GNU GPL Object Oriented Opend ID Implementation In Pure PHP Project".

Dedicated SourceForge account and website have been set up to obtain docs / information, grab source code and follow development in real-time.

Pre-Summer of Code idea discussion & preparation


Geeklog has had support for OpenID since version 1.5.0.

However, it currently only supports OpenID 1.1, you can only allow users to login using OpenID but can not have your Geeklog site act as an OpenID provider, and the library we are using isn't supported any more.

So for this project, we are looking for

  • OpenID 2.0 support
  • support for both the Consumer and the Provider side


The idea behind OpenID is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.

Consumer and Provider

OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a Consumer) and it can provide an OpenID identity for users (i.e. act as a Provider) which they can then use to log into other OpenID-enabled sites.

A Geeklog site can currently only act as an OpenID consumer. We would like to see this extended to allow a site to also act as an OpenID provider for their users.

Things to consider:

  • It should be possible to limit providing an OpenID identity only to members of a certain Geeklog group.
  • An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.

Finding an OpenID Library

The main problem with this project is to find a usable OpenID 2.0 library. When checking the list of available libraries it turns out that all the PHP libraries listed there suffer from one or more of the following problems:

  • does not support OpenID 2.0
  • does only support one side (Consumer or Provider, but not both)
  • is part of an exisiting framework
  • is not available under a license that's compatible with the GPLv2

So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.

New Implementation?

Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is

  • object oriented
  • reusable (and, specifically, not tied to Geeklog)
  • supports OpenID 2.0
  • allows for both the Consumer and the Provider side
  • published under the GPLv2 or a compatible license

Developing a new library would take up a good portion of the available time for this project, so it's possible that the student won't be able to finish integration of the library into Geeklog. We're willing to accept this in exchange for a solid and usable OpenID library.

Also see this post on the geeklog-devel mailing list for some clarification.

Level of Difficulty

The level of difficulty depends on the availability of a usable OpenID library:

  • hard - if the OpenID 2.0 library has to be implemented by the student.
  • medium - if a suitable library exists.