SoC full openid support
This is one of the projects to be implemented during the Google Summer of Code 2009.
Student: Choplair, Mentor: Randy Kolenko
Contents
Project info and advancement during Summer of Code
Thomas Gutleben, aka Choplair, has been selected to achieve this project.
The independant OpenID library that needed to be created for the occasion has been named GGGOOOIIIPPP, for "Geeklog GNU GPL Object Oriented Opend ID Implementation In Pure PHP Project".
Dedicated SourceForge account and website have been set up to obtain docs / information, grab source code and follow development in real-time.
- SourceCode project summary: http://sourceforge.net/projects/gggoooiiippp/
- Dedicated website: http://gggoooiiippp.sf.net/
Pre-Summer of Code idea discussion & preparation
Incentive
Geeklog has had support for OpenID since version 1.5.0.
However, it currently only supports OpenID 1.1, you can only allow users to login using OpenID but can not have your Geeklog site act as an OpenID provider, and the library we are using isn't supported any more.
So for this project, we are looking for
- OpenID 2.0 support
- support for both the Consumer and the Provider side
Details
The idea behind OpenID is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.
Consumer and Provider
OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a Consumer) and it can provide an OpenID identity for users (i.e. act as a Provider) which they can then use to log into other OpenID-enabled sites.
A Geeklog site can currently only act as an OpenID consumer. We would like to see this extended to allow a site to also act as an OpenID provider for their users.
Things to consider:
- It should be possible to limit providing an OpenID identity only to members of a certain Geeklog group.
- An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.
Finding an OpenID Library
The main problem with this project is to find a usable OpenID 2.0 library. When checking the list of available libraries it turns out that all the PHP libraries listed there suffer from one or more of the following problems:
- does not support OpenID 2.0
- does only support one side (Consumer or Provider, but not both)
- is part of an exisiting framework
- is not available under a license that's compatible with the GPLv2
So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.
New Implementation?
Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is
- object oriented
- reusable (and, specifically, not tied to Geeklog)
- supports OpenID 2.0
- allows for both the Consumer and the Provider side
- published under the GPLv2 or a compatible license
Developing a new library would take up a good portion of the available time for this project, so it's possible that the student won't be able to finish integration of the library into Geeklog. We're willing to accept this in exchange for a solid and usable OpenID library.
Also see this post on the geeklog-devel mailing list for some clarification.
Level of Difficulty
The level of difficulty depends on the availability of a usable OpenID library:
- hard - if the OpenID 2.0 library has to be implemented by the student.
- medium - if a suitable library exists.