[development] OpenID

Boris Mann boris at bryght.com
Mon Jul 31 18:46:11 UTC 2006 

On 31-Jul-06, at 7:07 AM, Dries Buytaert wrote:

>
> On 31 Jul 2006, at 15:19, Bill Fitzgerald wrote:
>
>> We just launched an open source project (http://openacademic.org)  
>> centered around the use of Drupal, Moodle, Elgg, and Mediawiki in  
>> education -- we are using OpenID for SSO, with Drupal as an OpenID  
>> client -- we will be working with the existing Drupal OpenID  
>> module to make some upgrades/improvements -- we'd love to work  
>> with folks to get this done.
>
> For kicks (because I'm interested in the technology and because  
> Scott Kveton is a great guy), I reviewed the existing OpenID module  
> (written by a Janrain employee).  Frankly, the module needs to be  
> rewritten from scratch in the Drupal Way.  I'd advise against using  
> it as is, or building on top of it without refactoring the module  
> first.
>
> For us to receive the bounty, the module needs to go into Drupal  
> core, in which case we want to write an extremely lightweight  
> module of, say, 500 lines of code that acts as a replacement for  
> the drupal.module.  This means we have to remove the 90% of the  
> existing OpenID (eg. their PEAR mappings, their libraries and  
> various other glue), modify it to use our own database abstraction  
> layer, etc.  (The current OpenID module is about as big as Drupal  
> core.)

I had brought this up quite some time ago -- I believe we should ship  
with a standards-based distributed auth in core that is secure by  
default. My suggestion was in fact to use OpenID as the basis, since  
it is very simple.

James has done lots of work on dist auth, we would put some time into  
this as well -- we want to make sure other ID systems (e.g. SXIP)  
work together as well. The SXIP homesite module (Rowan Kerr) might  
have some helpful code in making the server component, or at least  
look at the architecture.

There is currently some PHP based server code floating around in a  
couple of different places, but it definitely needs updating. See:
* http://www.openidenabled.com/openid/libraries/php
* http://videntity.org/openid/

All those interested, lets move to http://groups.drupal.org/ 
distributed-authentication and assign tasks, etc.

--
Boris Mann
Vancouver 778-896-2747 San Francisco 415-367-3595
SKYPE borismann
http://www.bryght.com

More information about the development mailing list