I'm thinking of adding OpenID support to BZ

Rob Lanphier robla at robla.net
Mon Jun 27 09:47:41 UTC 2005


Hi all,

I'm thinking of writing an OpenID (http://openid.net) auth plugin for
BZ, but I should first put a big disclaimer on it.  I'm neither an
expert on BZ or OpenID development, and my Perl is rusty.  I'm not sure
I'll have the skill/patience/whatever to finish.  I've been a production
user of BZ in the past, but these days, I'm puttering around with a
private install of the latest 2.19.3+ out of CVS.

Here are my initial impressions of how I should approach this:

*  I'm thinking of using Auth/Login/CGI as a starting point, leveraging
Auth/Login/CGI/Cookie as close to "as is" as possible.

*  I'm not sure how to approach IDs.  A URI is a valid identifier, and
can take different forms.  For example, my LiveJournal ID can be
"robla.livejournal.com" or "livejournal.com/users/robla" or
"http://livejournal.com/users/robla".   Note that none of these are
"robla at livejournal.com".  So, I'm wondering how best to approach this:

a.  Make it so that the full gamut of OpenID's can be used as BZ IDs
b.  Still require a mailing address, but auth against the OpenID server,
and store the OpenID information in a new field in the database
c.  some other approach

Thoughts?
Rob





More information about the developers mailing list