This application is not used any more and exists only for history. Post new tickets on the Github account.
Cette application n'est plus utilisée, et existe uniquement pour son historique. Postez les nouveaux tickets sur le compte github.

Ticket #107 (reviewing new feature)

Opened 8 years ago

Last modified 3 years ago

Implementing an OpenID controlleur (consumer)

Reported by: laurentj Owned by: laurentj
Priority: highest Milestone:
Component: modules Version: 1.0 beta1
Severity: normal Keywords: auth openid
Cc: Blocked By:
Blocking: Documentation needed: no
Hosting Provider: Php version:

Description

OpenID is an decentralized authentification système. See http://openid.net/

It could be usefull if there is a driver for jAuth, to use OpenId? for an authentification.

Attachments

jopenid-12-09-08.tar.gz (119.3 KB) - added by brunto 6 years ago.
jopenid-12-09-08-BIS.tar.gz (119.9 KB) - added by brunto 6 years ago.
Do not use the previous attachment, use this one
jopenid-08-10-08.tar.gz (119.7 KB) - added by brunto 6 years ago.
Added support of the identification

Change History

comment:1 Changed 8 years ago by laurentj

  • Summary changed from Implementing an jAuth driver for OpenId to Implementing a jAuth driver for OpenId

comment:2 Changed 7 years ago by laurentj

  • Component changed from jelix to jelix:auth

comment:3 Changed 7 years ago by laurentj

  • Milestone changed from Jelix 1.0 to Jelix 1.1

comment:4 Changed 7 years ago by laurentj

  • Milestone changed from Jelix 1.1 to Jelix 1.3

comment:5 Changed 6 years ago by laurentj

  • Priority changed from low to highest
  • Severity changed from minor to normal

Since OpenID gains popularity, it should be provided as soon as possible in Jelix (at least the consumer API)

comment:6 Changed 6 years ago by laurentj

I think we could use this library : http://openidenabled.com/php-openid/. Reasons:

  • I think this is the most completed implementation of Openid
  • It works on PHP 5.2
  • We have classes to create a consumer, as well as a server
  • It can used any backend to store data: a file, a database etc.. By default, it uses PEAR:DB, but we will provide our own backend, based on jDb/jDao (so no dependencies with PEAR:DB).

Note: a storage backend should inherits from Auth_OpenID_OpenIDStore

comment:7 Changed 6 years ago by brunto

  • Status changed from new to assigned
  • Owner set to brunto
  • Documentation needed unset

The driver will be available very soon

comment:8 Changed 6 years ago by brunto

  • Component changed from jelix:auth to modules
  • Summary changed from Implementing a jAuth driver for OpenId to Implementing a controlleur OpenId (consumer)

Attach a tar with files for testing. The store function must be improve to use any backend.

comment:9 Changed 6 years ago by brunto

  • Summary changed from Implementing a controlleur OpenId (consumer) to Implementing an OpenID controlleur (consumer)

Changed 6 years ago by brunto

Changed 6 years ago by brunto

Do not use the previous attachment, use this one

comment:10 follow-up: ↓ 11 Changed 6 years ago by laurentj

  • Milestone Jelix 1.3 deleted

After a quick review of the code :

  • the coord plugin is empty. perhaps we could include all openid options in the ini file of the auth plugin. And in the documentation, just says "copy this parameters into the ini file...".
  • openid class
    • do we really need to change the include_path configuration ?
    • we could put the content of loadClasses directly into the constructor, or, if include_path is not needed, directly at the begining of the file
    • $pape_policy_uris : use a static property of the class instead of a global variable
    • no exit(), print etc, for errors : use jException
    • Auth_OpenID_FileStore : I don't know if it is really relevant. Perhaps we could save informations via jAuth... need to investigate...
    • Perhaps you should replace all values returned by finish() and verif() by numerical constants. I think it could be better to generate exceptions instead of returning error code. But I saw this code is used in the redirection.. mmm...
    • header("Location: ".$redirect_url); < no redirection inside a business class ! A redirection should be made by the controller
  • openidCtrl
    • If I well understand your code, the "in" action is called twice : a first time to initiate the login process, and a second time when the user come back from his provider's pages. If this is ok, I think you should separate into two distincts action
    • Again, no exit, no print. And I don't like how openidenabled handle the case where js is deactivated. I would prefer to use a template.. Are you sure there is no another way ?

That's all for the moment :-)

comment:11 in reply to: ↑ 10 Changed 6 years ago by brunto

Replying to laurentj:

  • the coord plugin is empty. perhaps we could include all openid options in the ini file of the auth plugin. And in the documentation, just says "copy this parameters into the ini file...".

Ok it will be better

  • openid class
    • do we really need to change the include_path configuration ?

All the classes in php-openid/Auth/ need it. I'll try to find a best way.

  • Auth_OpenID_FileStore : I don't know if it is really relevant. Perhaps we could save informations via jAuth... need to investigate...

I don't know.

  • openidCtrl
    • Again, no exit, no print. And I don't like how openidenabled handle the case where js is deactivated. I would prefer to use a template.. Are you sure there is no another way ?

It's the openidenabled class who generate the JS form. I'll try to find an another solution to use a template.

For the other point, i'm working on it.

:)

Changed 6 years ago by brunto

Added support of the identification

comment:12 Changed 6 years ago by brunto

I must improve the management of the users datas openid because for the moment you must fill $paramsToReturn in openid.classic.php

comment:13 Changed 3 years ago by laurentj

  • review set to review?

comment:14 Changed 3 years ago by laurentj

  • Status changed from assigned to reviewing
  • Owner changed from brunto to laurentj
  • review review? deleted
Note: See TracTickets for help on using tickets.