OpenID Authentication
 

I've finished a first draft of an add-on to support OpenID Authentication. This requires no code changes and only one template change. The caveat however, is that it does require two third party libraries to handle the OpenID and Yadis protocols. I've only tested it on 3.5.4, but I'm pretty sure it should work in 3.6 (RC1) as well.

Right now, this add-on allows existing users to populate a custom profile field with their OpenID URL, and then use that for subsequent logins. This does NOT allow new users to register with their OpenID... they will still need to create an initial password and such as normal. I'd like to change that in a future release.

If you're not familiar with OpenID, check out http://openid.net/

So from what I read they still need to create a password on your site :surprised:
but it shares the userID (url) across all sites...?

Just trying to lay out the benefits of using this

right now, yes you would still need to setup a password. Once the account is created, you can setup your OpenID and use that for subsequent logins instead of the username/password pair. Ultimately, it needs to have user registration using only OpenID to be truly useful, but this is the first half of it.

This looks promising. I will wait for the next half :)

Any verification of 3.6.0 compatibility? Any word on the second-half rollout?

I'm just in the process of pulling my three boards up to 3.6.0 and I'm probably going to put this in at this point, unless you tell me that a new release is around the corner.

Any ideas of how I can get it to work in the opposite way? I.e. for every user registered on the forum provide openid verification if they want to use logins from my forum on other openid enabled sites?

Denis

Well, the first step would be to look at the OpenID PHP Library at openidenabled.com. Technically, it should certainly be possible, but you may run into a few problems. The first that comes to mind, is what would a user's URL be? The most obvious would be the URL for the member page, but that is of the form "http://site.com/board/member.php?u=12345"... certainly not something all that easy to remember. Moreover, I would seriously think about whether you *should* be running an OpenID server, from a philosophical perspective. For the particular community that I run (and I would imagine this would be the case for most communities), it makes far more sense for my users to bring their own OpenID (from their LiveJournal, perhaps) and I just consume them. If they don't have an existing ID, I will likely point them to somewhere like myopenid.com.

I installed this on 3.6.5. There were a couple of glitches:

• the forum url and home url ($vbulletin->options['homeurl']) have to be the same for the proper redirect URL to be constructed for the Identity Provider
• the profilefield table doesn't have a title field, so the code which tries to discover the profilefieldid of the OpenID field in the user profile doesn't work - I worked around that by hardcoding the profilefieldid (there must be a way to discover that!)

Now works great with iNames!

- Mark

Yeah, I probably need to revisit a lot of things about this plugin. Recently, I've been focusing on a Wordpress plugin to enable OpenID, but I'll try and get back on this on and finish it up. There is also a good plugin for phpBB at http://openid.phpbb.cc/ which I may look at using for some inspiration.

I've also installed your WordPress OpenID plugin :-) - thanks muchly!

A next step for the vBulletin plugin would I think be to allow registering with an OpenID, and have that URL or iName be used as the vBulletin username.

This is very interesting, but it'll be really awesome once you've made it so that people can REGISTER with their OpenID :) That's really the whole point of OpenID in the first place :D

Any developments? I'd love to integrate OpenID with my board, regardless of whether file uploads would be involved.

unfortunately no, there are no new developments on this plugin. I no longer manage the vB community I had, so it would be difficult for me to maintain this anyway. If anyone else is interested in taking over the project, I would be more than happy to pass the torch off so that development can continue.

I am still having problems. Putting a break; into the code does not seem to work (or well stop the php engine) and changes dont seem to be reflected.
Bit of a vBulletin n00b for now so go easy ;)

Any update on this plugin? Would be really cool to see it work with version 2.0 and 1.0 of OpenID. And maybe allow sign ups aswell?

I think it's the supporting JanRain php OpenID libraries that make it work with OpenID 1.1 and 2.0.

I've written a plugin that allows registration using OpenID/iNames. It that makes use of wnorris' OpenID plugin. Should I post that here, or to a new thread?

Just post it please, so with yours we can let them login and register on vbulletin right?

I'd like to open to continue the development for this since Yahoo has just accepted OpenID.

I decided last night to implement OpenID myself, as the author of this mod hasn't been online in 9 months. Unfortunately I didn't notice Mark's (szpak) post above, otherwise I'd have talked to Mark first!

I took a slightlly different approach, but it's still all plugins, a couple of template edits, and one file upload. I'm actually using a small, self contain class for the OpenID consumer stuff, rather than the rather bloated JanRain ones. Although there's a lot to be said for using the mainstream JanRain code, I wanted to see if I could build something small and self contained.

Mark - did you find a way of deriving the timezone offset from the country/city code? MySQL does support xoneinfo, but Imost hosted vB's either aren't going to have access to those tables, and they probably aren't installed properly anyway.

-- hugh

Is class.openid.php the one-file OpenID consumer you're using? I've used that in the past for another project (it supported both URL-based OpenIDs and iNames). Are you implementing registration as well as login using OpenID?

I didn't do anything with timezone handling - just made the minimum number of plugin hooks in the registration code so you could either do a brand-new registration using your OpenID, or else if you already have an account then associate that with an OpenID (and confirm validity of that OpenID in both cases). Otherwise I used wnorris' code for logging in, with one small change.

- Mark

Yup, only I'm using class.openid.v2.php. I'm still in two minds as to whether to stick with it, or use the no doubt more mainstream JanRain stuff.

Yes, I'm doing registration. I just re-organized the regular registration page a little to put the CAPTCHA at the top, as we want to process that regardless, then an either / or for OpenID or specifying the regular details as normal.

Then one plugin one the start hook that just handles the referering and response from OpenID, grabbing the response data, creating a random password, and finagling the $_POST variables for 'addmember' appropriately. And one on the stop hook to associate the OpenID identity with the new user.

The one thing I don't like about wnorris's code is that it relies on using a standard login with blank password, and catching the authentication failure. I much prefer having an explicit OpenID field in the login form, and taking a separate route through the code. No disrespect to wnorris, his is a perfectly workable way of doing it. I just prefer to stick to the OpenID standard UI, and making it a separate, clearly labeled option.

Have you seen this page:

http://www.plaxo.com/api/openid_recipe

... which suggests allowing the users to attach multiple openid's to their account. I'm assuming this is as a fallback in case their primary povider is down for some reason? I can't think of any other reason for needing more than one OpenID associated with a given bb account?

-- hugh

Can you share the plugin so we can let people either register or connect their already existing vb account with their openid one?

I think szpak's version is the one that should be released, as he's building on the existing wnorris code which uses the more "official" JanRain libraries. Mine was more of a personal experiment, I just wanted to play with openid. But I would be more than willing to help support and continue development with szpak, if he would like. There's lots of goodies coming down the pike with OpenID, and I'm very interested in keeping up with developments.

So I guess the main issue is we need to try and get hold of wnorris, and get permission to re-use his code, and re-release as a new version with the registration and openid account attaching / detaching.

-- hugh

any news about that ?

Nope. The author of this particular hack doesn't seem to have logged in to vborg for over year.

I'd be willing to re-release and maintain an updated version of the hack, but I'd really need to get hold of wnorris first to get his permission.

-- hugh

I completely support somebody taking this over and releasing it as a vB 3.7-compatible hack. I would love for my users to have the ability to login either with OpenID or with their existing vBulletin account, or effectively link the two together.

Which brings me to a good question: How does this effect the number of "registered users"? For example, if a forum has 50,000 users, and someone logs in with their OpenID, does the number of members increase to 50,001? If not, that's a serious deterrent from using an OpenID system.

Did you try using private messages?

Good luck, and thanks

Yes, the user gets added to your users database. It just doesn't store a password, and authentication happens differently.

Yup.

-- hugh

https://vborg.vbsupport.ru/showpost....1&postcount=13
Maybe that's statement enough?

For some reason I managed to miss that post.

Well yes, I guess that is pretty much statement enough. Next time I get a few spare minutes, I'll re-release this under a new thread, so I can start making changes.

I just need to check with the vborg godz to make sure this is kosher.

-- hugh

Any word on this? Just popping in to let you know I'm still interested.

I checked with the vB Godz, they say it'll be OK to re-release this as a new mod, as the author gave blanket permission before going AWOL.

It'll be a little while before I can find the time to whip up a 3.7 version with the various requested improvements, but I'll post here as and when I get it done.

If anyone else has the time and inclination to help out, let me know.

-- hugh

hugh - I was a big fan of yours for a while on the vBlogetin project. I'm in for any testing you need.

Hey! Good to see you again.

Yeah, what happened with vBlogetin was a shame, but somewhat predictable once JelSoft vaporware-announced their blogs (premature announcement by about 9 months). But heck, that project taught me a lot about vB (including my new Golden Rule of "never write a huge vB project when it's likely vB will yank the rug out from under you") so personally it was worthwhile.

I'll shout when I'm closer to having something worth testing.

-- hugh

What should I do to officially hand this over to someone?

Hey! Welcome back!

I don't think you really need to do anything. You already offered it up for adoption, so this thread is enough to validate that. If you want to make it look official, you could respond and say "I, the party of the first part, do hereby ..." etc., in your best Imitation Legaleze.

When I get it 3.7-ized, I'll just start a new mod thread, and include attribution to you as the original author.

-- hugh

Hey, guys, pleeeease make OpenID autorization/registration possible! At present time pрзИИ have pkugin to accept OpenID, moreover - SMF 2.0 (beta 3.1 now) already have working implemetation of OpenId 2.0/SREG accepting. I really just not understand WHY such smart, complex forum engine like vB don't support OpenID?

cheesegrits, would you have a time frame of release for a 3.7 OpenID plugin? I'm really getting adamant about getting all of my sites OpenID enabled ASAP ;)... I know that holds no bearing on when you'll release your product, but a hint or estimate would make me feel better inside.

It would be great to see this available for 3.7 :)

I <3 cheesegrits :)