OpenID Attribute Exchange Implementation

We encourage users to post events happening in the community to the community events group on https://www.drupal.org.
You are viewing a wiki page. You are welcome to join the group and then edit it. Be bold!

Project information

DONETODO::Project page on drupal.org: http://drupal.org/project/FOO
Project page on drupal.org:
http://drupal.org/project/openid_ax

Current status:

DONE on Apr25th setting up the pre requirements.

Waiting for the exams to get over on may 2nd, 2008
yay, exams over now! Now full time into soc!

Apr25: Created CVS project dir openid_ax and added the project page!
http://drupal.org/project/openid_ax

May 10
Setup
http://pragyan.org/op
http://pragyan.org/rp

to use for various testing purposes.

May 27
committed info and install files. submitted a patch for openid.module
http://drupal.org/node/263278

Mentor: James Walker(Walkah)
Co-mentor: James A.Reyero

Description

OpenID AX implementation.
OpenID Attribute Exchange is an extension for OpenID service which allows the transfer of various user related details/information/attributes between the relying party and the identity provider. There are two primary operations that can be done using the Attribute Exchange:
a) Fetch/retrieve some required attribute about the user from the identity provider.
b) Store some additional attribute about the user on his identity provider.

The OpenID Attribute Exchange service extension provides a mechanism for moving identity information between sites with the following information model:
An attribute associated with a Subject Identifier, i.e, an URI.
An attribute having a type identifier( another URI, which is used for referring to property values) and a value(any kind of data)

The Relying Party module part will allow for discovery, fetch request message and store request message using the standard specifications as described in

http://openid.net/specs/openid-attribute-exchange-1_0.html

Also the Identity Provider part of the module will allow for fetch response and store response in the apt formats as detailes by the standard specifications.

Some links I refer to again and again!
http://drupal.org/node/249455 (soc 2008 students and mentors list)
http://groups.drupal.org/node/10879 (soc 2008 welcome to drupal community post)
http://drupal.org/node/321 (Checking Out from the Contributions Repository CVS)
http://drupal.org/coding-standards
http://soc2008.hotdrupal.com/ (VPS)

Project schedule

Mostly as mentioned in the application.

Status updates

2008-05-29

Task summary:
Did the info and install page and committed to CVS.
Put in a patch for AX implementation with the openid.module for client side.
http://drupal.org/node/263278

Next week will be working on server side things after the OP receives a ns.ax request.
Various cases to be implemented:
AX request along with Openid authentication request.
AX request without an openid authentication request. In this case do the normal openid authentication part befor serving up the AX request.

Difficulties encountered (if any):

One thing that is running through my mind which I ll need in the coming weeks, not right now, is how should I be integrating the contents of two forms?
As in how should the content of openid_ax form should be displayed along with the same page/form as that generated from openid_provider_form(). Reading upon it rt now. Suggestions/comments are welcome.

Also review of the code already submitted will be very much welcome.

Change Log:

  • Initial code import from latest release package (Drupal 6.2)
  • Installed module openid, openid_provider
  • Created module openid_ax (folder)
  • Created openid.info and openid.install
  • Committed the above two files

2008-06-04

Task summary:
1) What I did this week?
Did the initial part for fetch response server side. Can now send successful fetch responses. Modified the db structure for adding personas.
Modified install file accordingly.

2) Plans for next week.
To serve the store_request part. Add the entries to the db to the corresponding tables and generate the store response.

Difficulties encountered (if any):
From openid_ax.inc::
$identifiers=(implode("','",$identifier));
$identifiers_id = db_query("SELECT * FROM {openid_ax_attributes} WHERE identifier IN ('$identifiers')");

This is how I did this query. If I passed $identifiers through '%s', the quotes ' in implode result get escaped.
So I escaped the $identifiers values themselves instead earlier in the function using mysql_escape().

Change Log:

  • Changed openid_ax.install to support the personas. Changed primary key for openid_ax_values. Added personas related columns.
  • Did server side support for openid fetch response.

2008-06-10

What I did this week?
Store request processing and entry storing it in the db (comitted to cvs) along with corresponding store response.(yet to commit)

Plans for next week?
To add the user interaction part with the OP, where the user accepts/disagrees to send the AX attributes to RP. The corresponding processing after the user response.

Any problems?
Nothing new or substantial.

2008-06-17

What I did this week:
Constructed the form for user interface/interaction to agree/disagree/edit the attributes to be send to RP

Plans for next week:
Currently reading up on hooks from api.drupal.org. Will work upon the same user interface with further discussion with the mentors.

Any problems?
A few problems with forms and hooks. Currently discussing it with walkah.

2008-06-24

What I did this week?
Completed UI for fetch requests.
Processing of fetch response after user interaction/edition etc.
Installed a local copy of api.d.o for reference!

What I plan to do next week.
UI for store_request
Processing of store_request after user interaction

Any Problems

The processing of the fetch_response after user interaction. Have done two different codes for it. One of them is in comments. Will like to know which one shall be better. Pending interaction with mentors.

2008-07-01

What I did this week?
Change of plans to prepare for the upcoming evals. Did not work on UI for store_request. Rather did the UI for storing/editing persona values, something I initially intended to do in mid july.

What I plan to do next week.
Cleaning up the act for the evals. Prepare a release etc. Do a fresh sandbox install to see what all is required in the present state for a user to test AX.
UI for store_request
Processing of store_request after user interaction

Any Problems

Form api is a bit difficult. Walkah and #drupal (& Druplicon) helped out along :)

2008-07-08

What I did this week?
basic UI for store_request

What I plan to do next week.
Continuing with UI for store_request
Persona creation

Any Problems

N/A

2008-07-15

What I did this week?
Finished persona creation/edition

What I plan to do next week.
Persona management, viz, copying values from one persona to another, renaming, deleting personas, etc.

Any Problems

N/A

2008-07-22

2008-07-29

2008-08-05

Oops!
College reopening ate up into my last fortnight! Now back to work!
Currently working on UI for persona management

2008-08-12

Finished up with all UI including persona managaement. Revamped persona edition that was hurrily done for mid term evaluation. Will be doing tests now!

2008-06-03

...
etc.
Every Tuesday, starting on May 29, we require a brief status update about your project that answers the following questions:
1. What did you get done this week?
2. What's your plan for next week?
3. Is there anything holding you up?

That's it. Shouldn't take any longer than 2-3 minutes to complete (though feel free to write a book if you want ;)).

Comments

Problems with op/rp::Signature mismatch

anshuprateek's picture

Am having some problems with my OP setup at http://pragyan.org/op
I have the problem documented at
http://drupal.org/node/256979

Anyone's help with the problem will be a big relief!

Cheers
Anshu Prateek

Demonstration site!

anshuprateek's picture

Demonstration site for Attribute Exchange fetch_request is up at

http://soc2008.hotdrupal.com/~anshu_p/op/

Reviews and feedback are most welcome :)

SoC 2008

Group categories

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds:

Hot content this week