Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Vanilla as OAuth authentication consumer and OpenID relying party
I wonder why there's no official supports for OAuth authentication and OpenID up to now (1.0.13). As they are open standards and already widely adopted by websites and softwares.
For a community website which has a more than one service (e.g.: forum, blog, wiki), they are very useful as they will make the users need only one account.
Will they be eventually officially implemented? Because I've seen that there are OpenID and OAuth library already included in the package but I didn't find their usage (or maybe I missed it?). Or through proxyconnect?
And if there's any guide or something to implement this, I don't mind to hack one (I've checked the proxyconnect but unable to figure out where I should start). If there's any skeleton or base code (for authenticator plugin), It'll be easier for me to get started.
*note: I'm currently creating a software (going to be an OSS) which does nothing but user account management (only the accounts, no profiles) and hack another softwares to use it as the only authentication path either by identity sharing (through OAuth, OpenID, OpenID Connect) or by session sharing (through socket).
For a community website which has a more than one service (e.g.: forum, blog, wiki), they are very useful as they will make the users need only one account.
Will they be eventually officially implemented? Because I've seen that there are OpenID and OAuth library already included in the package but I didn't find their usage (or maybe I missed it?). Or through proxyconnect?
And if there's any guide or something to implement this, I don't mind to hack one (I've checked the proxyconnect but unable to figure out where I should start). If there's any skeleton or base code (for authenticator plugin), It'll be easier for me to get started.
*note: I'm currently creating a software (going to be an OSS) which does nothing but user account management (only the accounts, no profiles) and hack another softwares to use it as the only authentication path either by identity sharing (through OAuth, OpenID, OpenID Connect) or by session sharing (through socket).
Tagged:
0
Comments
And I think there's a usage of forum engine as feedback platform which users come only when they have problems. Users mostly don't value their account in this kind of usage. They will register (if they are not that too lazy) and post until their problem solved and gone. OAuth will make it easier for them by giving the 'throwaway account' facility.
OpenID on the face of it looks incredibly useful and fills a user authentication gap for single-signon. OAuth is used to share data, which is something else altogether.