OpenID

This is a working document as a follow up to RFC: OpenID roadmap. It summarizes the current tasks being worked on for accomplishing steps 1 and 2 outlined in the roadmap.

Step 1

OpenID Provider modules

• #399746 Refactor dependencies AX - Persona OpenID Provider AX / OpenID Provider Persona
• #430332 Make SREG independent of Persona OpenID Provider SREG

Based on an email conversation I had with Darren, Evgeny, Aron Novak and Walkah I pulled together this roadmap for advanced OpenID features (attribute exchange, provider, etc).

The goal is to reduce the overall number of modules involved in deploying OpenID attribute exchange features, to expand on existing content profile integration, to remove dependencies on modules that are not used in all use cases and to push changes into OpenID and OpenID Provider where it makes sense.

Is there a way to restrict user registration to openID only. I was not able to find such a module, though I looked at a few openID related modules. Optionally it could also require openID to log in such as the LDAP module does already (and disable the regular login mechanism except for uid 1).

UPDATE: We are in room 142 and in #drupal-openid (on freenode) if you want to join in.

Let's focus some development energy on OpenID - related technology!

There are lots of things to do:

• Simpletests for OpenID module in D7
• Move toward a stable OpenID Provider release
• Work with OAuth
• Core OpenID issues
• User experience issues

Hope to see you there!

I would like feedback and recommendations on researching how Drupal generates unique keys for a new Drupal installation and how OpenID utilizes the keys when validating a new user Session for a valid user account.

Subjects Involved
1) Building a multi-site deployment system that will create new Drupal multi-sites using database replication.
2) Each site requires integration with an OpenID server and authentication of local users accounts to OpenID.

Research
1) Conflict Resolution.

Hi,

I really need the openid_provider to come to a release and was wondering what needs to be in it before this can happen. I've tried to contact walkah for some feedback but have not been very successful at that.

Please comment on:
http://drupal.org/node/252588
http://drupal.org/node/246501

And please test:
http://drupal.org/node/246530

Is there any interest in having one or more Summer of Code students to work on this? Here at OSU we're getting some pings from potential applicants on working on OpenID 2.0 server support in D6. We'd be delighted to point some of our mentor and SoC student resources at this project. Especially adding support for AX, etc.

Thoughts?

Is there any interest in having one or more Summer of Code students to work on this? Here at OSU we're getting some pings from potential applicants on working on OpenID 2.0 server support in D6. We'd be delighted to point some of our mentor and SoC student resources at this project. Especially adding support for AX, etc.

Thoughts?

Is anyone porting the openID server part from the 4.7-2.x branch to D6? If someone started at some point I'm interested in the code to finish it. If I ever make it to something usable should this be posted to http://drupal.org/project/openId or should a new project (http://drupal.org/project/openId_server) be started?

Is anyone porting the openID server part from the 4.7-2.x branch to D6? If someone started at some point I'm interested in the code to finish it. If I ever make it to something usable should this be posted to http://drupal.org/project/openId or should a new project (http://drupal.org/project/openId_server) be started?

I have renamed this group to OpenID and its URL has changed accordingly. Lets use this group to discuss OpenID for *.drupal.org and for Drupal7.

walkah has just finished his OpenId session at Boston2008.

I have renamed this group to OpenID and its URL has changed accordingly. Lets use this group to discuss OpenID for *.drupal.org and for Drupal7.

walkah has just finished his OpenId session at Boston2008.

James Walker has pushed an OpenID client into core for D6. I moved all distributed auth to drupal.module from user.module. it should be pretty easy to eject it completely when someone gets the urge.

Any reason to keep this group around? Should we rename to OpenID?

And of course, we still need that OpenID server module for D6 :)

James Walker has pushed an OpenID client into core for D6. I moved all distributed auth to drupal.module from user.module. it should be pretty easy to eject it completely when someone gets the urge.

Any reason to keep this group around? Should we rename to OpenID?

And of course, we still need that OpenID server module for D6 :)

Rumors of new 4.7 based OpenID server and client modules are running wild. The rumors swirl around Bryght and the mysterious James Walker in particular. Can anyone confirm or deny?

Rumors of new 4.7 based OpenID server and client modules are running wild. The rumors swirl around Bryght and the mysterious James Walker in particular. Can anyone confirm or deny?

Here are links to various server PHP code with some notes:

Videntity - http://videntity.org/openid/

<

blockquote>
PHP OpenID is intended to run on any version of PHP >= 4.1.0, although I have only tested it with PHP5 and PHP4.4 on gentoo. If you encounter problems running with other versions, please let me know. Great care has been taken to use PHP extensions when available and to provide fallback routines in case the extension is not present. These fallback routines are often slower and may not be as secure or "rock-solid". For production use of the library, I recommend installation of these extensions: gmp, mhash, curl, and tidy2. PHP OpenID does not use or require PEAR.

Here are links to various server PHP code with some notes:

Videntity - http://videntity.org/openid/

<

blockquote>
PHP OpenID is intended to run on any version of PHP >= 4.1.0, although I have only tested it with PHP5 and PHP4.4 on gentoo. If you encounter problems running with other versions, please let me know. Great care has been taken to use PHP extensions when available and to provide fallback routines in case the extension is not present. These fallback routines are often slower and may not be as secure or "rock-solid". For production use of the library, I recommend installation of these extensions: gmp, mhash, curl, and tidy2. PHP OpenID does not use or require PEAR.