OpenID for Drupal
There was a thread on the OpenID list around the subject of OpenID support in Drupal. Previously, I’ve experimented with the OpenID module originally written by Jonathan Daugherty from JanRain, now under maintenance by the folks at Bryght. That module uses JanRain’s PHP OpenID library, and it worked pretty much out of the box, with XRI support.
What I learned from this discussion thread is that James Walker from Bryght has been working on another OpenID module that is intended for inclusion into Drupal 6 core distribution, without using JanRain’s library. There are apparently things that Drupal-heads don’t like about the JanRain’s library, licensing may be one of the issues.
So I pulled the DRUPAL-5 codebase from CVS and installed it, then installed the 5.x-1.x-dev snapshot tarball to test it out. First thing I noticed was that it doesn’t support XRI, and I really didn’t expect it to. Then, when I tried logging in with my dready.org identifier, it wouldn’t work because I delegated it to my myopenid.com account. So, it doesn’t support delegate either.
Then I spent a few hours getting rudimentary XRI support into it, and made it work with delegates. Few days later, I realized that this was only a snapshot and the module is in the Drupal contributions repository. So, I threw away my installation but kept the patch I made of the 5.x-1.x-dev snapshot and started anew. The result is a patch that works with the Drupal CVS trunk as of today.
The changes are:
1. When a first-time user is authenticated, a local account is created but no role was specified. Modified the module to add the ‘authenticated user’ role to the user.
2. XRI support. This is very rudimentary and does not support canonical ID yet, but shouldn’t be hard to implement.
3. Delegate support. In OpenID 2.0, the submitted identifier (URL) is passed to the OP as the openid.claimed_id parameter, while the delegate, if present, is sent as openid.identifier.
4. In the meantime, I noticed that the while the URL normalization conforms to the OpenID Authentication 2.0 implementor’s draft 11 specification, it treats http://dready.org and http://dready.org/ (with trailing slash) as different identifiers. Well, they should really be the same as RFC3986 says that for HTTP, an empty path is equivalent to “/”. This normalization rule was reflected in rev 294 of the spec.
Of course this is only a *very* rough patch (no pun intended). I have never hacked Drupal before, and haven’t read much of its coding styles though I tried to follow the conventions in the original code. I do hope that at least parts of it can be integrated into the module though.
My development environment is here: http://dready.org/drupal/. Feel free to try it out.
Related posts:
- mod_python OpenID Access Control Since XRI is pretty much in bed with OpenID and NeuStar is an XRI shop, I get to play around...
- This blog is OpenID enabled! One thing led to another. After reading my previous entry on “mod_python OpenID Access Control”, Nate Olson contacted me...
- On Mobile OpenID in Japan This presentation by =zigorou (Toru Yamaguchi) titled “Considering OpenID for Mobile” (Thanks =peterd and =nat) is particularly interesting for me...
- Why be an OpenID Relying Party? Plaxo’s Joseph Smarr presented the following at the OpenID Design Summit at Facebook HQ yesterday: What an "RP" Wants View...
- New site: xrid.net I really shouldn’t blogging that much now that I have three weeks left to pack up and move to Virginia....
Related posts brought to you by Yet Another Related Posts Plugin.