[development] OpenID

Moshe Weitzman weitzman at tejasa.com
Sun Feb 12 22:05:11 UTC 2006

> Here is a link to the current module source, which is under fairly
> heavy development:
>   http://www.openidenabled.com/resources/downloads/php-openid/openid.module

Looks quite modern and Drupalish. Nice.

>  - The plugin declares a block hook and provides a one-field OpenID
>    login form that appears in the left navbar.  The module is not
>    really an authentication module because it doesn't declare an
>    appropriate authentication hook (username at server syntax won't work
>    for OpenID).  Various other callbacks in the module handle the
>    OpenID authentication steps and set $user when appropriate.

sure - your approach looks reasonable to me.

>  - If you log in with an OpenID and don't have a local Drupal account,
>    an account is created for you with the appropriate authmap record.
>    However, you'll be prompted for an email address upon successful
>    OpenID authentication *before* the Drupal account is created.  (My
>    goal here is to make sure any kind of profile info needed is
>    collected before the OpenID-auth'd user is allowed into Drupal.)

you might make this extra step optional. i think it is a hassle to provide 
an email address for a random site. current drupal auth creates accounts 
without an email address. drupal does not require email address if the 
account is created via code (the web ui requires email address)

>  - My major concern is how to blend OpenID with existing accounts so
>    users can choose to use OpenID for their accounts.

I think we're going to have to require that the user be logged into his 
current drupal account in order to do this. If so ...

Typical distributed auth modules in Drupal let a user edit his specifics for 
the remote site from his profile page. OpenID could provide an url textfield 
on the user profile page (see hook_user('form')). It could use 
hook_user('validate') to check the provided if needed. Thus we give a way 
for existing users to add openID to their account.

How much is involved in implementing the server side ofopenID? Can it be a 
Drupal module? One feature I like about current Drupal is that every site is 
instantly a client and a server for DA.

More information about the development mailing list