On 31-Jul-06, at 7:07 AM, Dries Buytaert wrote:
On 31 Jul 2006, at 15:19, Bill Fitzgerald wrote:
We just launched an open source project (http://openacademic.org) centered around the use of Drupal, Moodle, Elgg, and Mediawiki in education -- we are using OpenID for SSO, with Drupal as an OpenID client -- we will be working with the existing Drupal OpenID module to make some upgrades/improvements -- we'd love to work with folks to get this done.
For kicks (because I'm interested in the technology and because Scott Kveton is a great guy), I reviewed the existing OpenID module (written by a Janrain employee). Frankly, the module needs to be rewritten from scratch in the Drupal Way. I'd advise against using it as is, or building on top of it without refactoring the module first.
For us to receive the bounty, the module needs to go into Drupal core, in which case we want to write an extremely lightweight module of, say, 500 lines of code that acts as a replacement for the drupal.module. This means we have to remove the 90% of the existing OpenID (eg. their PEAR mappings, their libraries and various other glue), modify it to use our own database abstraction layer, etc. (The current OpenID module is about as big as Drupal core.)
I had brought this up quite some time ago -- I believe we should ship with a standards-based distributed auth in core that is secure by default. My suggestion was in fact to use OpenID as the basis, since it is very simple. James has done lots of work on dist auth, we would put some time into this as well -- we want to make sure other ID systems (e.g. SXIP) work together as well. The SXIP homesite module (Rowan Kerr) might have some helpful code in making the server component, or at least look at the architecture. There is currently some PHP based server code floating around in a couple of different places, but it definitely needs updating. See: * http://www.openidenabled.com/openid/libraries/php * http://videntity.org/openid/ All those interested, lets move to http://groups.drupal.org/ distributed-authentication and assign tasks, etc. -- Boris Mann Vancouver 778-896-2747 San Francisco 415-367-3595 SKYPE borismann http://www.bryght.com