Opened 12 years ago

Closed 10 years ago

Last modified 9 years ago

#39 closed enhancement (fixed)

OpenID support

Reported by: Sebastian Spaeth Owned by:
Priority: trivial Milestone: 0.5.0
Component: programming Keywords:
Cc: Parent Tickets:

Description (last modified by Christopher Allan Webber)

This is probably not gonna happen for a long time, but I would love
to lobby for openID support at some point. I love the way you can
e.g. register at this redmine instance, prefilling your user data
and not needig a separate password.

There are a ton of openID providers out there already, yahoo,
google, launchpad, facebook(?), etc., so everyone has one already.

Feel free to assign this to a "way in the future" wishlist
milestone.



Subtickets

Change History (17)

comment:1 Changed 12 years ago by Christopher Allan Webber

We definitely should have OpenID support. Agreed, not an immediate
feature, but we should certainly have it.

Of course, if someone wants to look at adding OpenID auth to the
current auth system now, we could talk about how to make the auth
system more extensible.



comment:2 Changed 12 years ago by Elrond

Please consider to have multiple openids per user. That way people
can still login, when one provider breaks.



comment:3 Changed 11 years ago by Caleb Davis

I'm interested in doing this sooner rather than later. I was going
to use paste's wrapper for python-openid, but there's a known issue
with paste/auth/open\_id.py -

::

      File "/home/vdfc/src/mediagoblin/eggs/Paste-1.7.5.1-py2.6.egg/paste/auth/open_id.py", line 112, in __init__
        self.oidconsumer = consumer.OpenIDConsumer(store)
    AttributeError: 'module' object has no attribute 'OpenIDConsumer'

`http://gminick.wordpress.com/2009/06/08/new-approach-wsgiwebob-instead-of-pylons/ <http://gminick.wordpress.com/2009/06/08/new-approach-wsgiwebob-instead-of-pylons/>`_
`http://gminick.wordpress.com/2009/06/18/next-step-openid-logging/ <http://gminick.wordpress.com/2009/06/18/next-step-openid-logging/>`_

using python-openid directly was the next option, but the ratio of
new open issues to recently closed issues is not comforting

`https://github.com/openid/python-openid/issues?sort=created&direction=desc&state=open&page=1 <https://github.com/openid/python-openid/issues?sort=created&direction=desc&state=open&page=1>`_

There are a large number of other openid python packages to sort
through -
`http://pypi.python.org/pypi?%3Aaction=search&term=openid&submit=search <http://pypi.python.org/pypi?:action=search&term=openid&submit=search>`_



comment:4 Changed 11 years ago by Christopher Allan Webber

You're right that there hasn't been much progress on this lately,
it seems.

But are any of the alternative libraries **really** better? It
looks like most of the libraries here are wrapping
python-openid...

My vote is to go with python-openid as a dependency and do whatever
wrapping we need to ourselves. If there are fixes to be applied,
we'll submit patches and hope they get merged.

That's my suggestion!



comment:5 Changed 11 years ago by Will Kahn-Greene

The original url for this bug was http://bugs.foocorp.net/issues/310 .

comment:6 Changed 11 years ago by elf Pavlik

Component: component1

i would suggest some generic login solutions, like those listed here:
http://www.w3.org/community/rww/wiki/Authentication

this way we can also support BrowserID, WebID, OpenID Connect and whatever other open protocols people would like to use =)

comment:7 Changed 11 years ago by Christopher Allan Webber

Component: component1programming
Description: modified (diff)

comment:8 Changed 11 years ago by Jakob Kramer

Type: defectenhancement

comment:9 Changed 10 years ago by Emily O'Leary

Owner: set to Emily O'Leary

As I mentioned in #525, I'm going to look into this and see if I can tackle it.

comment:10 Changed 10 years ago by Emily O'Leary

Looking at the link elf-pavlik sent I found a django module that does all this authentication. It's permissive licensed and I think I might be able to extract the important bits from it and make it work with our setup without adding too many dependencies. (Possible one was mentioned above python-openid). We already have oauth2 so that's good.

I just need to rip the django bits out or see if it's even worth it. I'll need more time to analyze the code to figure that out though.

comment:11 Changed 10 years ago by Christopher Allan Webber

Status: acceptedin_progress

I'm assigning this to LotusEcho assuming you're actively working on it, but feel free to unclaim if not active at the moment. Thanks!

comment:12 Changed 10 years ago by Emily O'Leary

Owner: Emily O'Leary deleted
Status: in_progressaccepted

comment:13 Changed 10 years ago by rodney757

Owner: set to rodney757
Status: acceptedin_progress

comment:15 Changed 10 years ago by rodney757

Owner: rodney757 deleted
Status: in_progressreview

comment:16 Changed 10 years ago by rodney757

Resolution: fixed
Status: reviewclosed

comment:17 Changed 9 years ago by rodney757

Milestone: 0.5.0
Note: See TracTickets for help on using tickets.