Difference between revisions of "SoC full openid support"

From GeeklogWiki
Jump to: navigation, search
(added link to geeklog-devel discussion)
(+ present GSoC develpment information / links)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<center>(This is an idea page for the [[Google Summer of Code]])</center>
+
This is one of the projects to be implemented during the [[Google Summer of Code]] 2009.
  
== Incentive ==
+
'''Student:''' Choplair, '''Mentor:''' Randy Kolenko
 +
 
 +
 
 +
== Project info and advancement during Summer of Code ==
 +
 
 +
Thomas Gutleben, aka ''Choplair'', has been selected to achieve this project.
 +
 
 +
The independant OpenID library that needed to be created for the occasion has been named '''GGGOOOIIIPPP''', for "''Geeklog GNU GPL Object Oriented Opend ID Implementation In Pure PHP Project''".
 +
 
 +
Dedicated SourceForge account and website have been set up to obtain docs / information, grab source code and follow development in real-time.
 +
* SourceCode project summary: http://sourceforge.net/projects/gggoooiiippp/
 +
* Dedicated website: http://gggoooiiippp.sf.net/
 +
 
 +
== Pre-Summer of Code idea discussion & preparation ==
 +
 
 +
=== Incentive ===
  
 
Geeklog has had support for OpenID since [http://www.geeklog.net/article.php/geeklog-1.5.0 version 1.5.0].
 
Geeklog has had support for OpenID since [http://www.geeklog.net/article.php/geeklog-1.5.0 version 1.5.0].
Line 13: Line 28:
  
  
== Details ==
+
=== Details ===
  
 
The idea behind [http://openid.net/ OpenID] is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.
 
The idea behind [http://openid.net/ OpenID] is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.
  
=== Consumer and Provider ===
+
==== Consumer and Provider ====
  
 
OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a ''Consumer'') and it can provide an OpenID identity for users (i.e. act as a ''Provider'') which they can then use to log into other OpenID-enabled sites.
 
OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a ''Consumer'') and it can provide an OpenID identity for users (i.e. act as a ''Provider'') which they can then use to log into other OpenID-enabled sites.
Line 28: Line 43:
 
* An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.
 
* An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.
  
=== Finding an OpenID Library ===
+
==== Finding an OpenID Library ====
  
 
The main problem with this project is to find a usable OpenID 2.0 library. When checking the [http://wiki.openid.net/Libraries list of available libraries] it turns out that all the PHP libraries listed there suffer from one or more of the following problems:
 
The main problem with this project is to find a usable OpenID 2.0 library. When checking the [http://wiki.openid.net/Libraries list of available libraries] it turns out that all the PHP libraries listed there suffer from one or more of the following problems:
Line 39: Line 54:
 
So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.
 
So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.
  
=== New Implementation? ===
+
==== New Implementation? ====
  
 
Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is
 
Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is
Line 54: Line 69:
  
  
== Level of Difficulty ==
+
=== Level of Difficulty ===
  
 
The level of difficulty depends on the availability of a usable OpenID library:
 
The level of difficulty depends on the availability of a usable OpenID library:

Latest revision as of 21:36, 3 June 2009

This is one of the projects to be implemented during the Google Summer of Code 2009.

Student: Choplair, Mentor: Randy Kolenko


Project info and advancement during Summer of Code

Thomas Gutleben, aka Choplair, has been selected to achieve this project.

The independant OpenID library that needed to be created for the occasion has been named GGGOOOIIIPPP, for "Geeklog GNU GPL Object Oriented Opend ID Implementation In Pure PHP Project".

Dedicated SourceForge account and website have been set up to obtain docs / information, grab source code and follow development in real-time.

Pre-Summer of Code idea discussion & preparation

Incentive

Geeklog has had support for OpenID since version 1.5.0.

However, it currently only supports OpenID 1.1, you can only allow users to login using OpenID but can not have your Geeklog site act as an OpenID provider, and the library we are using isn't supported any more.

So for this project, we are looking for

  • OpenID 2.0 support
  • support for both the Consumer and the Provider side


Details

The idea behind OpenID is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.

Consumer and Provider

OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a Consumer) and it can provide an OpenID identity for users (i.e. act as a Provider) which they can then use to log into other OpenID-enabled sites.

A Geeklog site can currently only act as an OpenID consumer. We would like to see this extended to allow a site to also act as an OpenID provider for their users.

Things to consider:

  • It should be possible to limit providing an OpenID identity only to members of a certain Geeklog group.
  • An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.

Finding an OpenID Library

The main problem with this project is to find a usable OpenID 2.0 library. When checking the list of available libraries it turns out that all the PHP libraries listed there suffer from one or more of the following problems:

  • does not support OpenID 2.0
  • does only support one side (Consumer or Provider, but not both)
  • is part of an exisiting framework
  • is not available under a license that's compatible with the GPLv2

So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.

New Implementation?

Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is

  • object oriented
  • reusable (and, specifically, not tied to Geeklog)
  • supports OpenID 2.0
  • allows for both the Consumer and the Provider side
  • published under the GPLv2 or a compatible license

Developing a new library would take up a good portion of the available time for this project, so it's possible that the student won't be able to finish integration of the library into Geeklog. We're willing to accept this in exchange for a solid and usable OpenID library.

Also see this post on the geeklog-devel mailing list for some clarification.


Level of Difficulty

The level of difficulty depends on the availability of a usable OpenID library:

  • hard - if the OpenID 2.0 library has to be implemented by the student.
  • medium - if a suitable library exists.