I'm thinking of adding OpenID support to BZ
Rob Lanphier
robla at robla.net
Mon Jun 27 09:47:41 UTC 2005
Hi all,
I'm thinking of writing an OpenID (http://openid.net) auth plugin for
BZ, but I should first put a big disclaimer on it. I'm neither an
expert on BZ or OpenID development, and my Perl is rusty. I'm not sure
I'll have the skill/patience/whatever to finish. I've been a production
user of BZ in the past, but these days, I'm puttering around with a
private install of the latest 2.19.3+ out of CVS.
Here are my initial impressions of how I should approach this:
* I'm thinking of using Auth/Login/CGI as a starting point, leveraging
Auth/Login/CGI/Cookie as close to "as is" as possible.
* I'm not sure how to approach IDs. A URI is a valid identifier, and
can take different forms. For example, my LiveJournal ID can be
"robla.livejournal.com" or "livejournal.com/users/robla" or
"http://livejournal.com/users/robla". Note that none of these are
"robla at livejournal.com". So, I'm wondering how best to approach this:
a. Make it so that the full gamut of OpenID's can be used as BZ IDs
b. Still require a mailing address, but auth against the OpenID server,
and store the OpenID information in a new field in the database
c. some other approach
Thoughts?
Rob
More information about the developers
mailing list