Difference between revisions of "SoC full openid support"

From GeeklogWiki
Jump to: navigation, search
(added link to geeklog-devel discussion)
m
Line 1: Line 1:
 
<center>(This is an idea page for the [[Google Summer of Code]])</center>
 
<center>(This is an idea page for the [[Google Summer of Code]])</center>
  
== Incentive ==
+
== Project info and advancement during Summer of Code ==
 +
 
 +
(to be written)
 +
 
 +
 
 +
== Pre-Summer of Code idea discussion & preparation ==
 +
 
 +
=== Incentive ===
  
 
Geeklog has had support for OpenID since [http://www.geeklog.net/article.php/geeklog-1.5.0 version 1.5.0].
 
Geeklog has had support for OpenID since [http://www.geeklog.net/article.php/geeklog-1.5.0 version 1.5.0].
Line 13: Line 20:
  
  
== Details ==
+
=== Details ===
  
 
The idea behind [http://openid.net/ OpenID] is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.
 
The idea behind [http://openid.net/ OpenID] is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.
  
=== Consumer and Provider ===
+
==== Consumer and Provider ====
  
 
OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a ''Consumer'') and it can provide an OpenID identity for users (i.e. act as a ''Provider'') which they can then use to log into other OpenID-enabled sites.
 
OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a ''Consumer'') and it can provide an OpenID identity for users (i.e. act as a ''Provider'') which they can then use to log into other OpenID-enabled sites.
Line 28: Line 35:
 
* An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.
 
* An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.
  
=== Finding an OpenID Library ===
+
==== Finding an OpenID Library ====
  
 
The main problem with this project is to find a usable OpenID 2.0 library. When checking the [http://wiki.openid.net/Libraries list of available libraries] it turns out that all the PHP libraries listed there suffer from one or more of the following problems:
 
The main problem with this project is to find a usable OpenID 2.0 library. When checking the [http://wiki.openid.net/Libraries list of available libraries] it turns out that all the PHP libraries listed there suffer from one or more of the following problems:
Line 39: Line 46:
 
So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.
 
So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.
  
=== New Implementation? ===
+
==== New Implementation? ====
  
 
Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is
 
Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is
Line 54: Line 61:
  
  
== Level of Difficulty ==
+
=== Level of Difficulty ===
  
 
The level of difficulty depends on the availability of a usable OpenID library:
 
The level of difficulty depends on the availability of a usable OpenID library:

Revision as of 17:21, 9 May 2009

(This is an idea page for the Google Summer of Code)

Project info and advancement during Summer of Code

(to be written)


Pre-Summer of Code idea discussion & preparation

Incentive

Geeklog has had support for OpenID since version 1.5.0.

However, it currently only supports OpenID 1.1, you can only allow users to login using OpenID but can not have your Geeklog site act as an OpenID provider, and the library we are using isn't supported any more.

So for this project, we are looking for

  • OpenID 2.0 support
  • support for both the Consumer and the Provider side


Details

The idea behind OpenID is to provide a generic login that you can use to log into any site that supports OpenID without the need to register with all those sites. The current version of the OpenID specification is 2.0 and has since been widely adopted and received backing from many well-known names.

Consumer and Provider

OpenID covers both sides of the login process: A website can allow users to login using their OpenID (i.e. act as a Consumer) and it can provide an OpenID identity for users (i.e. act as a Provider) which they can then use to log into other OpenID-enabled sites.

A Geeklog site can currently only act as an OpenID consumer. We would like to see this extended to allow a site to also act as an OpenID provider for their users.

Things to consider:

  • It should be possible to limit providing an OpenID identity only to members of a certain Geeklog group.
  • An OpenID login consists of a URL. We would need a simple and memorable URL scheme on the Geeklog side that can be used as the OpenID login.

Finding an OpenID Library

The main problem with this project is to find a usable OpenID 2.0 library. When checking the list of available libraries it turns out that all the PHP libraries listed there suffer from one or more of the following problems:

  • does not support OpenID 2.0
  • does only support one side (Consumer or Provider, but not both)
  • is part of an exisiting framework
  • is not available under a license that's compatible with the GPLv2

So the student's first task would be to research the available options and see if there is an OpenID library that fits our requirements or if it has to be implemented during this project.

New Implementation?

Should it turn out that there are no suitable libraries available, we would like to see a new library being implemented that is

  • object oriented
  • reusable (and, specifically, not tied to Geeklog)
  • supports OpenID 2.0
  • allows for both the Consumer and the Provider side
  • published under the GPLv2 or a compatible license

Developing a new library would take up a good portion of the available time for this project, so it's possible that the student won't be able to finish integration of the library into Geeklog. We're willing to accept this in exchange for a solid and usable OpenID library.

Also see this post on the geeklog-devel mailing list for some clarification.


Level of Difficulty

The level of difficulty depends on the availability of a usable OpenID library:

  • hard - if the OpenID 2.0 library has to be implemented by the student.
  • medium - if a suitable library exists.