SoC full openid support
Contents
Incentive
Geeklog has had support for OpenID since version 1.5.0.
However, it currently only supports OpenID 1.1, you can only allow users to login using OpenID but can not have your Geeklog site act as an OpenID provider, and the library we are using isn't supported any more.
So for this project, we are looking for
- OpenID 2.0 support
- support for both the Consumer and the Provider side
Details
The idea behind OpenID is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.
Consumer and Provider
OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a Consumer) and it can provide an OpenID identity for users (i.e. act as a Provider) which they can then use to log into other OpenID-enabled sites.
A Geeklog site can currently only act as an OpenID consumer. We would like to see this extended to allow a site to also act as an OpenID provider for their users.
Things to consider:
- It should be possible to limit providing an OpenID identity only to members of a certain Geeklog group.
- An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.
Finding an OpenID Library
The main problem with this project is to find a usable OpenID 2.0 library. When checking the list of available libraries it turns out that all the PHP libraries listed there suffer from one or more of the following problems:
- does not support OpenID 2.0
- does only support one side (Consumer or Provider, but not both)
- is part of an exisiting framework
- is not available under a license that's compatible with the GPLv2
So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.
New Implementation?
Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is
- object oriented
- reusable (and, specifically, not tied to Geeklog)
- supports OpenID 2.0
- allows for both the Consumer and the Provider side
- published under the GPLv2 or a compatible license
Developing a new library would take up a good portion of the available time for this project, so it's possible that the student won't be able to finish integration of the library into Geeklog. We're willing to accept this in exchange for a solid and usable OpenID library.
Level of Difficulty
The level of difficulty depends on the availability of a usable OpenID library:
- hard - if the OpenID 2.0 library has to be implemented by the student.
- medium - if a suitable library exists.