Singpolyma - Archive of "Openid"

Ah, I'm not the only one!
body
I knew others were talking about distributed social networking, but Messina is working on code, and even code for Wordpress! The Kilroy concept (an "I was here" plugin) looks excellent. Avatars looks like exactly what I've been saying I should do since I installed Gravatars on this blog. The contactlist plugin looks like basically what I have here (his code, I believe), but I've hacked mine some. His delegation looks a lot like what I want to add to my XRDS plugin. Pempeth would go great with his contact form concept.

Other cool stuff there too — overall just excited that things seem to be picking up a bit in this field — I'm writing some bookmarklets just now, and really should clean and release some of the remaining WordPress code.
Tags:
- Microformats
- Openid
- Social_networking
- Tech
- Web2.0
- XOXOBlog
© 2006-2008 Stephen Paul Weber. Some Rights Reserved.
Stephen Weber at 1197001290//Y-m-d H:i2007-12-06 23:21 | 1 Comment / Trackback
There is an RSS Feed for comments on this post.
You can trackback from you own site.
1 Comments
1. Comment at 1197489456//Y-m-d2007-12-12 1197489456//H:i14:57 by factoryjoe
  
  body
  
  Hey, come join the DiSo project! Your work looks awesome and totally inline with where we're going!
Post a Comment

Name (required)

Email (will not be published) (required)

Website (OpenID Enabled)

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail
Blogger in Draft
body
…because "in Draft" sounds cooler than BETA.

Yes, Blogger is at it again. Releasing new and (sometimes) exciting features. I took a bit of a spin with it today to see what is up.

The major additions are in regards to some of the rougher bits of Blogger 3.0 - the template WYSIWYG template editor. Some sorts of widgets have been sorely lacking for some time. Subscription links (for feeds) are new trivial to add to one's Blogger sidebar. Better for hackers, Google Gadgets can now be directly added. The fact that this comes so close on the heels of OpenSocial is doubtfully a coincidence. This opens Blogger up to a large number of new functionalities instantly. Other new widgets include a search box, polls, and a sideshow widget for photos.

Videos are now just as trivial to add to posts as images. A loss useful feature, but cool none the less.

Now for my favourite and most exciting feature - OpenID! Yes, you read it correctly, the new Blogger (which could doubtless be dubbed Blogger 4.0) has support for leaving comments using OpenID!

This is exciting for a number of reasons, but largest of all is that this will soon expose THOUSANDS of people to OpenID. This could easily take it from a geek tech to mainstream knowledge.
Tags:
- Beta
- Blogger
- Openid
- Tech
© 2006-2008 Stephen Paul Weber. Some Rights Reserved.
Stephen Weber at 1196456386//Y-m-d H:i2007-11-30 15:59 | 1 Comment / Trackback
There is an RSS Feed for comments on this post.
You can trackback from you own site.
1 Comments
1. Comment at 1196587657//Y-m-d2007-12-02 1196587657//H:i04:27 by Avatar
  
  body
  
  Glad to see you are keeping up with the true version count.
  
  and yes, Blogger now got enough changes to make it interesting and relevant next year.
Post a Comment

Name (required)

Email (will not be published) (required)

Website (OpenID Enabled)

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
OpenID as True Single Signon
body
OpenID is meant as a distributed single signon protocol. Unlike corporate-only systems (ie, Google Accounts) however, you have to sign on at every single site. When I sign in to Gmail I am automatically signed in to Blogger, etc.

While the inability to store 'cookies' or similar across domains makes this not 100% possible, I have a suggestion that will make it easier.

Make every page on an OpenID-enabled site accept the openid_url GET parameter. If it is there, authenticate the user using that OpenID and then redirect back to the page the GET string was passed to - minus the openid_url parameter. Thus if I click a link from one OpenID-enabled site (where I am signed in) to another, I can be signed in automatically.

A browser plugin (ie, Firefox extension, or built into the browser as may come in Firefox 3) could be used to store the last-entered value into a form with text input named openid_url (dependent on user settings of course). This value would then be added to the GET request on any URL (or pertinent URL, depending) the browser goes to. OpenID-less sites won't care, OpenID-enabled sites will automatically sign you in.
Tags:
- Openid
- Tech
© 2006-2008 Stephen Paul Weber. Some Rights Reserved.
Stephen Weber at 1169594940//Y-m-d H:i2007-01-23 15:29 | 7 Comments / Trackbacks
There is an RSS Feed for comments on this post.
You can trackback from you own site.
7 Comments
1. Comment at 1169647260//Y-m-d2007-01-24 1169647260//H:i06:01 by Johan Sundström
  
  body
  
  Worth considering too is whether you want to share your identity automatically with every entity on the net which wants to know it. But making it comfier for you the times you do is of course good.
2. Comment at 1169662140//Y-m-d2007-01-24 1169662140//H:i10:09 by Singpolyma
  
  body
  
  True — it should ask you… but not make you type anything.
3. Comment at 1169936100//Y-m-d2007-01-27 1169936100//H:i14:15 by Rasqual Twilight
  
  body
  
  It would be interesting, provided that:
  * It is ruled-based, preferably with a whitelist of applicable domains or subd.
  * Why not send in a cookie or in the user-agent string?
4. Comment at 1169936520//Y-m-d2007-01-27 1169936520//H:i14:22 by Singpolyma
  
  body
  
  @function Rasqual Twilight - Obviously for a Firefox extension/similar you wouldn't want to blindly give your OpenID to every site you visited (probably anyway).
  
  RE Cookie/UA - As I explained cross-site cookies are impossible, this is for more than browsers only (likely) and sending either a 'fake' cookie or UA is unnecessarily complicated. GET works… and it's already being used with the almost-standard field name openid_url… I'm just suggesting that EVERY page on a site accept the GET param that they are ALREADY accepting on the login page…
5. Comment at 1170140100//Y-m-d2007-01-29 1170140100//H:i22:55 by Efendi
  
  body
  
  Micro Persuasion have some article about OpenID too
6. Comment at 1200430046//Y-m-d2008-01-15 1200430046//H:i15:47 by jp
  
  body
  
  My concern -
  Is that for example on Blogger, when you look at the Page Info on the comment it has a tab with forms and WTF all of my personal info is on there, email, password, etc. How much of this can be seen by the owner of the blog if you post anonymously or use a nickname. How much is silently stored by blogger when you post a comment. Could it be used to trace anonymous comments back to the source?
7. Comment at 1200434850//Y-m-d2008-01-15 1200434850//H:i17:07 by Stephen Paul Weber
  
  body
  
  That's a Blogger thing and exactly what OpenID angles to solve. Personally, I think they store none of it and KNOW the blog owner can't see it
Post a Comment

Name (required)

Email (will not be published) (required)

Website (OpenID Enabled)

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
OpenID for WordPress
body
Someone else has written a (imho) better plugin. I have a backlog of tweaks to do to this plugin to make it work on more systems which I haven't got around to blogging/integrating. Note that this new plugin does not support using your blog as an OpenID server. It does, however, support sreg (but not hCard) and integrates into the WordPress account system.

I have modified Alexander Nikulin's plugin for WordPress that enables users to leave authenticated comments using OpenID and enables blog owners/contributors to use the blog as their OpenId. I have made the plugin compatible with WordPress 2.0, cleaned up the validity of the XHTML produced, and fixed a bug that kept some sites from finding the server.

It is reccomended that when using the server the blog admin use the blogs main URL as their OpenID but that other users/contributors use BLOGURL/?author_name=USERNAME.

When returning to the post page after posting a comment, if the comment was held for moderation ?moderated=true is appended to the URL. Adding code like the following will alert your users to this fact:

<?php if($_GET['moderated'] == 'true') echo '<div style="display:block;padding:20px;background-color:#ccc; font-weight:bold;font-family:sans-serif;font-size:12pt;"> Your comment is awaiting moderation.</div>'; ?>

Possible future features:
- Support for sreg / hCards to get an actual name for the commentor instead of just using their URL
- Support for sreg / hCards in the server implementation
- Support for YADIS
Download the plugin

To install the plugin:
1. Download the gzip from the link above and unzip it
2. Upload the resulting folder into your /wp-content/plugins/ directory
3. Edit your template and replace your comments form code (likely in comments.php) with
  <?php include dirname(__FILE__).'/../../plugins/openid/openidform.php'; ?>
Tags:
- wordpress
- plugin
- comments
- openid
Tags:
- Comments
- Openid
- Plugin
- Tech
- Wordpress
© 2006-2008 Stephen Paul Weber. Some Rights Reserved.
Stephen Weber at 1145878560//Y-m-d H:i2006-04-24 04:36 | 11 Comments / Trackbacks
There is an RSS Feed for comments on this post.
You can trackback from you own site.
11 Comments
1. Comment at 1148934600//Y-m-d2006-05-29 1148934600//H:i13:30 by MasterPi
  
  body
  
  I believe that openid/openid-classes.php, line 160 should be
  $identity_url = $query['openid_identity'];
  and not
  $identity_url = $openid_identity;
2. Comment at 1148970300//Y-m-d2006-05-29 1148970300//H:i23:25 by Singpolyma
  
  body
  
  I looked at the code in question and it seems the next lines do the work:
  
  if( $data['identity_url'] != " )
  $identity_url = $data['identity_url'];
  
  I did not write this plugin and am hesitant to change it… is there a specific problem/feature that your code fixes/implements?
3. Comment at 1149842280//Y-m-d2006-06-09 1149842280//H:i01:38 by Dexter
  
  body
  
  I keep getting this error;
  
  Warning: mkdir(./tmp/): Permission denied in /home/non/public_html/wp-content/plugins/openid/openid-classes.php on line 101
  
  Warning: opendir(./tmp/): failed to open dir: No such file or directory in /home/non/public_html/wp-content/plugins/openid/openid-classes.php on line 401
  
  Warning: Cannot modify header information - headers already sent by (output started at /home/non/public_html/wp-content/
  plugins/openid/openid-classes.php:101) in /home/non/public_html/wp-content/plugins/openid/openid-classes.php on line 360
4. Comment at 1149843420//Y-m-d2006-06-09 1149843420//H:i01:57 by Singpolyma
  
  body
  
  It looks like your hosting package does not allow PHP scripts to access the file system in any way. This plugin requires filesystem access in order to store OpenID resources, etc. Contact your hosting administrator and ask to have filesystem access turned on for PHP
5. Comment at 1152118860//Y-m-d2006-07-05 1152118860//H:i10:01 by Lopo
  
  body
  
  Isn't it possible for OpenID to store resources in a MySQL DB? I tought so.
  
  Best,
  
  Lopo
6. Comment at 1152136200//Y-m-d2006-07-05 1152136200//H:i14:50 by Lopo
  
  body
  
  Isn't it possible for OpenID to store resources in a MySQL DB? I tought so.
  
  Best,
  
  Lopo
7. Comment at 1152274740//Y-m-d2006-07-07 1152274740//H:i05:19 by Singpolyma
  
  body
  
  Yes, one can store the data anywhere one wants. The plugin this is based off of, however, used the file system and I am loath to change it for no particular reason.
8. Comment at 1152724800//Y-m-d2006-07-12 1152724800//H:i10:20 by Lopo
  
  body
  
  Since many people have the issue refered by Dexter it would be good to avoid it, wouldn't it?
  
  best and thanks.
9. Comment at 1152726120//Y-m-d2006-07-12 1152726120//H:i10:42 by Singpolyma
  
  body
  
  I would think that most people would have filesystem access in PHP… most free hoster's even have that! I may look into it eventually, but as I keep saying, this is not my code so I can't promise anything
  
  (NOTE: after communication with his hoster Dexter was able to precreate the folder needed and then the plugin worked fine)
10. Comment at 1153613460//Y-m-d2006-07-22 1153613460//H:i17:11 by Mustafa Arif
  
  body
  
  In order to get the OpenID server to work on my blog I had to add the following line to the top of openid-classes.php:
  
  ini_set( 'arg_separator.output', '&' );
  
  This reverts the parameter to the PHP default. The reason why I (and many others) change the PHP default for this ini value is that unless you change arg_separator.output to '&\amp;' (without the slash!) there is no other way of making PHPSESSID produce valid code.
  
  See this PHP bug report I submitted:
  http://bugs.php.net/bug.php?id=37835
  
  Given that it is common to change this ini value (and there is no alternative ini value that could be correct for the context of the OpenID plugin) I suggest that the above line be added to your distribution.
  
  Alternatively (and arguably the more corrrect approach) would be to replace the http_build_query function code with that from PHP-5.1+, which includes a third parameter to override the ini-specified separator.
11. Comment at 1158714180//Y-m-d2006-09-19 1158714180//H:i18:03 by Michael Terry
  
  body
  
  Thanks for the work. I started using it on my site, but I wanted to say that I had to change one thing before it was valid XML — in openidform.php, line 70, you'll want to change the section:
  openid_logout=1&post_id=
  to
  openid_logout=1&post_id=
  
  You may also want to make it more explicit that you need to create a writable tmp directory in the plugin folder.
  
  Thanks again!
Post a Comment

Name (required)

Email (will not be published) (required)

Website (OpenID Enabled)

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Archives
Calendar

May 2008

S M T W T F S

« Apr

1 2 3

4 5 6 7 8 9 10

11 12 13 14 15 16 17

18 19 20 21 22 23 24

25 26 27 28 29 30 31
Pages
Copyright © 2006-2008 Stephen Paul Weber. Some Rights Reserved.