PDA

View Full Version : OpenID Authentication


wnorris
07-10-2006, 10:00 PM
I've finished a first draft of an add-on to support OpenID Authentication. This requires no code changes and only one template change. The caveat however, is that it does require two third party libraries to handle the OpenID and Yadis protocols. I've only tested it on 3.5.4, but I'm pretty sure it should work in 3.6 (RC1) as well.

Right now, this add-on allows existing users to populate a custom profile field with their OpenID URL, and then use that for subsequent logins. This does NOT allow new users to register with their OpenID... they will still need to create an initial password and such as normal. I'd like to change that in a future release.

If you're not familiar with OpenID, check out http://openid.net/

Protoman
07-12-2006, 08:20 PM
So from what I read they still need to create a password on your site :surprised:
but it shares the userID (url) across all sites...?

Just trying to lay out the benefits of using this

wnorris
07-12-2006, 10:42 PM
right now, yes you would still need to setup a password. Once the account is created, you can setup your OpenID and use that for subsequent logins instead of the username/password pair. Ultimately, it needs to have user registration using only OpenID to be truly useful, but this is the first half of it.

dwillb
07-15-2006, 12:12 AM
This looks promising. I will wait for the next half :)

ShannonA
08-10-2006, 04:34 PM
Any verification of 3.6.0 compatibility? Any word on the second-half rollout?

I'm just in the process of pulling my three boards up to 3.6.0 and I'm probably going to put this in at this point, unless you tell me that a new release is around the corner.

xopek
11-26-2006, 08:51 PM
Any ideas of how I can get it to work in the opposite way? I.e. for every user registered on the forum provide openid verification if they want to use logins from my forum on other openid enabled sites?

Denis

wnorris
11-27-2006, 03:12 AM
Well, the first step would be to look at the OpenID PHP Library (http://www.openidenabled.com/openid/libraries/php) at openidenabled.com. Technically, it should certainly be possible, but you may run into a few problems. The first that comes to mind, is what would a user's URL be? The most obvious would be the URL for the member page, but that is of the form "http://site.com/board/member.php?u=12345"... certainly not something all that easy to remember. Moreover, I would seriously think about whether you *should* be running an OpenID server, from a philosophical perspective. For the particular community that I run (and I would imagine this would be the case for most communities), it makes far more sense for my users to bring their own OpenID (from their LiveJournal, perhaps) and I just consume them. If they don't have an existing ID, I will likely point them to somewhere like myopenid.com (http://www.myopenid.com).

szpak@coachingp
03-06-2007, 06:57 PM
I installed this on 3.6.5. There were a couple of glitches:

the forum url and home url ($vbulletin->options['homeurl']) have to be the same for the proper redirect URL to be constructed for the Identity Provider
the profilefield table doesn't have a title field, so the code which tries to discover the profilefieldid of the OpenID field in the user profile doesn't work - I worked around that by hardcoding the profilefieldid (there must be a way to discover that!)


Now works great with iNames!

- Mark

wnorris
03-06-2007, 07:42 PM
Yeah, I probably need to revisit a lot of things about this plugin. Recently, I've been focusing on a Wordpress plugin to enable OpenID, but I'll try and get back on this on and finish it up. There is also a good plugin for phpBB at http://openid.phpbb.cc/ which I may look at using for some inspiration.

szpak@coachingp
03-07-2007, 02:17 PM
I've also installed your WordPress OpenID plugin :-) - thanks muchly!

A next step for the vBulletin plugin would I think be to allow registering with an OpenID, and have that URL or iName be used as the vBulletin username.

Gary King
03-10-2007, 05:28 PM
This is very interesting, but it'll be really awesome once you've made it so that people can REGISTER with their OpenID :) That's really the whole point of OpenID in the first place :D

ShatterStudios
06-19-2007, 05:34 AM
Any developments? I'd love to integrate OpenID with my board, regardless of whether file uploads would be involved.

wnorris
06-19-2007, 03:51 PM
unfortunately no, there are no new developments on this plugin. I no longer manage the vB community I had, so it would be difficult for me to maintain this anyway. If anyone else is interested in taking over the project, I would be more than happy to pass the torch off so that development can continue.

ZeroHour
10-03-2007, 11:31 PM
I installed this on 3.6.5. There were a couple of glitches:

the forum url and home url ($vbulletin->options['homeurl']) have to be the same for the proper redirect URL to be constructed for the Identity Provider
the profilefield table doesn't have a title field, so the code which tries to discover the profilefieldid of the OpenID field in the user profile doesn't work - I worked around that by hardcoding the profilefieldid (there must be a way to discover that!)


Now works great with iNames!

- Mark

I am still having problems. Putting a break; into the code does not seem to work (or well stop the php engine) and changes dont seem to be reflected.
Bit of a vBulletin n00b for now so go easy ;)

tcviper
01-09-2008, 08:12 AM
Any update on this plugin? Would be really cool to see it work with version 2.0 and 1.0 of OpenID. And maybe allow sign ups aswell?

szpak@coachingp
01-09-2008, 02:44 PM
I think it's the supporting JanRain php OpenID libraries that make it work with OpenID 1.1 and 2.0.

I've written a plugin that allows registration using OpenID/iNames. It that makes use of wnorris' OpenID plugin. Should I post that here, or to a new thread?

tcviper
01-09-2008, 04:46 PM
Just post it please, so with yours we can let them login and register on vbulletin right?

deathemperor
01-18-2008, 09:53 AM
I'd like to open to continue the development for this since Yahoo has just accepted OpenID.

cheesegrits
01-20-2008, 06:55 AM
I decided last night to implement OpenID myself, as the author of this mod hasn't been online in 9 months. Unfortunately I didn't notice Mark's (szpak) post above, otherwise I'd have talked to Mark first!

I took a slightlly different approach, but it's still all plugins, a couple of template edits, and one file upload. I'm actually using a small, self contain class for the OpenID consumer stuff, rather than the rather bloated JanRain ones. Although there's a lot to be said for using the mainstream JanRain code, I wanted to see if I could build something small and self contained.

Mark - did you find a way of deriving the timezone offset from the country/city code? MySQL does support xoneinfo, but Imost hosted vB's either aren't going to have access to those tables, and they probably aren't installed properly anyway.

-- hugh

szpak@coachingp
01-21-2008, 07:04 PM
Is class.openid.php the one-file OpenID consumer you're using? I've used that in the past for another project (it supported both URL-based OpenIDs and iNames). Are you implementing registration as well as login using OpenID?

I didn't do anything with timezone handling - just made the minimum number of plugin hooks in the registration code so you could either do a brand-new registration using your OpenID, or else if you already have an account then associate that with an OpenID (and confirm validity of that OpenID in both cases). Otherwise I used wnorris' code for logging in, with one small change.

- Mark

cheesegrits
01-21-2008, 10:07 PM
Yup, only I'm using class.openid.v2.php. I'm still in two minds as to whether to stick with it, or use the no doubt more mainstream JanRain stuff.

Yes, I'm doing registration. I just re-organized the regular registration page a little to put the CAPTCHA at the top, as we want to process that regardless, then an either / or for OpenID or specifying the regular details as normal.

Then one plugin one the start hook that just handles the referering and response from OpenID, grabbing the response data, creating a random password, and finagling the $_POST variables for 'addmember' appropriately. And one on the stop hook to associate the OpenID identity with the new user.

The one thing I don't like about wnorris's code is that it relies on using a standard login with blank password, and catching the authentication failure. I much prefer having an explicit OpenID field in the login form, and taking a separate route through the code. No disrespect to wnorris, his is a perfectly workable way of doing it. I just prefer to stick to the OpenID standard UI, and making it a separate, clearly labeled option.

Have you seen this page:

http://www.plaxo.com/api/openid_recipe

... which suggests allowing the users to attach multiple openid's to their account. I'm assuming this is as a fallback in case their primary povider is down for some reason? I can't think of any other reason for needing more than one OpenID associated with a given bb account?

-- hugh

tcviper
01-22-2008, 06:21 PM
Can you share the plugin so we can let people either register or connect their already existing vb account with their openid one?

cheesegrits
01-22-2008, 11:22 PM
I think szpak's version is the one that should be released, as he's building on the existing wnorris code which uses the more "official" JanRain libraries. Mine was more of a personal experiment, I just wanted to play with openid. But I would be more than willing to help support and continue development with szpak, if he would like. There's lots of goodies coming down the pike with OpenID, and I'm very interested in keeping up with developments.

So I guess the main issue is we need to try and get hold of wnorris, and get permission to re-use his code, and re-release as a new version with the registration and openid account attaching / detaching.

-- hugh

thompson
05-27-2008, 03:23 PM
any news about that ?

cheesegrits
06-01-2008, 05:05 PM
Nope. The author of this particular hack doesn't seem to have logged in to vborg for over year.

I'd be willing to re-release and maintain an updated version of the hack, but I'd really need to get hold of wnorris first to get his permission.

-- hugh

GoldenChaos
06-06-2008, 08:16 PM
I completely support somebody taking this over and releasing it as a vB 3.7-compatible hack. I would love for my users to have the ability to login either with OpenID or with their existing vBulletin account, or effectively link the two together.

Which brings me to a good question: How does this effect the number of "registered users"? For example, if a forum has 50,000 users, and someone logs in with their OpenID, does the number of members increase to 50,001? If not, that's a serious deterrent from using an OpenID system.

mangel.ajo
06-10-2008, 08:32 PM
Nope. The author of this particular hack doesn't seem to have logged in to vborg for over year.

I'd be willing to re-release and maintain an updated version of the hack, but I'd really need to get hold of wnorris first to get his permission.

-- hugh

Did you try using private messages?

Good luck, and thanks

cheesegrits
06-15-2008, 10:04 PM
I completely support somebody taking this over and releasing it as a vB 3.7-compatible hack. I would love for my users to have the ability to login either with OpenID or with their existing vBulletin account, or effectively link the two together.

Which brings me to a good question: How does this effect the number of "registered users"? For example, if a forum has 50,000 users, and someone logs in with their OpenID, does the number of members increase to 50,001? If not, that's a serious deterrent from using an OpenID system.

Yes, the user gets added to your users database. It just doesn't store a password, and authentication happens differently.

Did you try using private messages?


Yup.

-- hugh

jmar
07-08-2008, 06:58 AM
Nope. The author of this particular hack doesn't seem to have logged in to vborg for over year.

I'd be willing to re-release and maintain an updated version of the hack, but I'd really need to get hold of wnorris first to get his permission.

-- hugh

https://vborg.vbsupport.ru/showpost.php?p=1271831&postcount=13
Maybe that's statement enough?

cheesegrits
07-08-2008, 03:12 PM
https://vborg.vbsupport.ru/showpost.php?p=1271831&postcount=13
Maybe that's statement enough?

For some reason I managed to miss that post.

Well yes, I guess that is pretty much statement enough. Next time I get a few spare minutes, I'll re-release this under a new thread, so I can start making changes.

I just need to check with the vborg godz to make sure this is kosher.

-- hugh

GoldenChaos
07-24-2008, 05:12 PM
Any word on this? Just popping in to let you know I'm still interested.

cheesegrits
07-28-2008, 09:07 PM
I checked with the vB Godz, they say it'll be OK to re-release this as a new mod, as the author gave blanket permission before going AWOL.

It'll be a little while before I can find the time to whip up a 3.7 version with the various requested improvements, but I'll post here as and when I get it done.

If anyone else has the time and inclination to help out, let me know.

-- hugh

AyeCapn
07-28-2008, 10:39 PM
hugh - I was a big fan of yours for a while on the vBlogetin project. I'm in for any testing you need.

cheesegrits
07-28-2008, 11:22 PM
Hey! Good to see you again.

Yeah, what happened with vBlogetin was a shame, but somewhat predictable once JelSoft vaporware-announced their blogs (premature announcement by about 9 months). But heck, that project taught me a lot about vB (including my new Golden Rule of "never write a huge vB project when it's likely vB will yank the rug out from under you") so personally it was worthwhile.

I'll shout when I'm closer to having something worth testing.

-- hugh

wnorris
07-30-2008, 02:12 PM
What should I do to officially hand this over to someone?

cheesegrits
07-30-2008, 04:12 PM
Hey! Welcome back!

I don't think you really need to do anything. You already offered it up for adoption, so this thread is enough to validate that. If you want to make it look official, you could respond and say "I, the party of the first part, do hereby ..." etc., in your best Imitation Legaleze.

When I get it 3.7-ized, I'll just start a new mod thread, and include attribution to you as the original author.

-- hugh

Spari
08-03-2008, 07:47 PM
Hey, guys, pleeeease make OpenID autorization/registration possible! At present time pрзИИ have pkugin to accept OpenID, moreover - SMF 2.0 (beta 3.1 now) already have working implemetation of OpenId 2.0/SREG accepting. I really just not understand WHY such smart, complex forum engine like vB don't support OpenID?

GoldenChaos
08-11-2008, 05:01 PM
cheesegrits, would you have a time frame of release for a 3.7 OpenID plugin? I'm really getting adamant about getting all of my sites OpenID enabled ASAP ;)... I know that holds no bearing on when you'll release your product, but a hint or estimate would make me feel better inside.

irishblacknight
09-11-2008, 12:43 AM
It would be great to see this available for 3.7 :)

AyeCapn
09-11-2008, 12:51 PM
I <3 cheesegrits :)

GoldenChaos
09-22-2008, 10:42 PM
It looks like cheesegrits hasn't logged in in a month and a half. I suppose the project isn't happening?

tpearl5
09-24-2008, 03:43 PM
keeping my eye on this.

Shamil.
10-29-2008, 09:15 PM
I doubt it - but i'll see what I can do :)

GoldenChaos
11-16-2008, 12:09 AM
Is there NOBODY who will pick up this project? I'm desperate for a full OpenID system for vB...

stuartm
02-24-2009, 07:36 PM
Is there NOBODY who will pick up this project? I'm desperate for a full OpenID system for vB...

I'm currently working on an OpenID product strongly based on the work by wnorris. It's working on vB 3.8.1 against JanRain's OpenID 2.x. There's still a couple of issues with automatic registration, but I hope to have those sorted out shortly. (stay tuned!)

4wdaction
03-06-2009, 02:02 AM
*bump*

Would like to see something like this up and running, any news?

GoldenChaos
03-19-2009, 03:44 PM
I'm currently working on an OpenID product strongly based on the work by wnorris. It's working on vB 3.8.1 against JanRain's OpenID 2.x. There's still a couple of issues with automatic registration, but I hope to have those sorted out shortly. (stay tuned!)
Good to hear. I'm about to jump ship and use Facebook Connect instead, but if you've got an OpenID solution intact, in any form, I'd rather use OpenID than Facebook Connect anyday.

I still really want to see a true OpenID solution come to vBulletin. A guy has got an entire Facebook Connect system up and running in the time that the OpenID community has done almost literally nothing. It's shameful.

SirFalcon
04-17-2009, 10:09 AM
Awesome, keep us up to date on this.

Puppetm4ster
04-28-2009, 09:13 PM
Maybe signing this petition

http://demand.openid.net/site/vbulletin.com

helps developers to see the common interest in this plugin. But it'll only help if as many users as possible gonna subscribe. It's just an OpenId away ;-)

khallmark
05-12-2009, 02:00 PM
This plugin is compatible up to 3.8.2. I have also successfully integrated it with the new 2.x.x series of OpenId libraries from here:

http://openidenabled.com/

You can get this plug-in working with the 2.0 library by changing line 25 of the "login_failure" plugin from:

$return = $auth->complete($_REQUEST);

to:

$return = $auth->complete($_REQUEST['openid_return_to']);

khallmark
05-12-2009, 02:38 PM
There is another problem I forgot about:

/*$fieldResult = $vbulletin->db->query_first('SELECT profilefieldid FROM ' . TABLE_PREFIX . 'profilefield WHERE title="' . $vbulletin->options['openid_field'] . '"');*/

That query no longer works. There is no "title" column in the profilefield table anymore. I hardcoded it for mine. You'll need to do something similar, or otherwise get the data from the phrase table.

DJ29Joesph
07-10-2009, 02:15 PM
Any Idea how I would add this to the admincp login page?

rsuplido
02-18-2010, 02:18 PM
Anyone tried running this with vb4?

justasiam
03-30-2010, 02:30 PM
I am just learning about OpenID. I put in a request to have my dns changed and did all the work on the OpenID site. How, I need to have vB4 allow for it.