OpenID support

[Sebastian Spaeth]

This is probably not gonna happen for a long time, but I would love
to lobby for openID support at some point. I love the way you can
e.g. register at this redmine instance, prefilling your user data
and not needig a separate password.

There are a ton of openID providers out there already, yahoo,
google, launchpad, facebook(?), etc., so everyone has one already.

Feel free to assign this to a "way in the future" wishlist
milestone.

[Christopher Allan Webber]

We definitely should have OpenID support. Agreed, not an immediate
feature, but we should certainly have it.

Of course, if someone wants to look at adding OpenID auth to the
current auth system now, we could talk about how to make the auth
system more extensible.

[Elrond]

Please consider to have multiple openids per user. That way people
can still login, when one provider breaks.

[Caleb Davis]

I'm interested in doing this sooner rather than later. I was going
to use paste's wrapper for python-openid, but there's a known issue
with paste/auth/open\_id.py -

::

      File "/home/vdfc/src/mediagoblin/eggs/Paste-1.7.5.1-py2.6.egg/paste/auth/open_id.py", line 112, in __init__
        self.oidconsumer = consumer.OpenIDConsumer(store)
    AttributeError: 'module' object has no attribute 'OpenIDConsumer'

`http://gminick.wordpress.com/2009/06/08/new-approach-wsgiwebob-instead-of-pylons/ <http://gminick.wordpress.com/2009/06/08/new-approach-wsgiwebob-instead-of-pylons/>`_
`http://gminick.wordpress.com/2009/06/18/next-step-openid-logging/ <http://gminick.wordpress.com/2009/06/18/next-step-openid-logging/>`_

using python-openid directly was the next option, but the ratio of
new open issues to recently closed issues is not comforting

`https://github.com/openid/python-openid/issues?sort=created&direction=desc&state=open&page=1 <https://github.com/openid/python-openid/issues?sort=created&direction=desc&state=open&page=1>`_

There are a large number of other openid python packages to sort
through -
`http://pypi.python.org/pypi?%3Aaction=search&term=openid&submit=search <http://pypi.python.org/pypi?:action=search&term=openid&submit=search>`_

[Christopher Allan Webber]

You're right that there hasn't been much progress on this lately,
it seems.

But are any of the alternative libraries **really** better? It
looks like most of the libraries here are wrapping
python-openid...

My vote is to go with python-openid as a dependency and do whatever
wrapping we need to ourselves. If there are fixes to be applied,
we'll submit patches and hope they get merged.

That's my suggestion!

[Will Kahn-Greene]

The original url for this bug was ​http://bugs.foocorp.net/issues/310 .

[elf Pavlik]

i would suggest some generic login solutions, like those listed here:
​http://www.w3.org/community/rww/wiki/Authentication

this way we can also support BrowserID, WebID, OpenID Connect and whatever other open protocols people would like to use =)

[Emily O'Leary]

As I mentioned in #525, I'm going to look into this and see if I can tackle it.

[Emily O'Leary]

Looking at the link elf-pavlik sent I found a django module that does all this authentication. It's permissive licensed and I think I might be able to extract the important bits from it and make it work with our setup without adding too many dependencies. (Possible one was mentioned above python-openid). We already have oauth2 so that's good.

I just need to rip the django bits out or see if it's even worth it. I'll need more time to analyze the code to figure that out though.

[Christopher Allan Webber]

I'm assigning this to LotusEcho assuming you're actively working on it, but feel free to unclaim if not active at the moment. Thanks!

[rodney757]

​https://github.com/rodney757/mediagoblin/tree/openid