Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Vanilla as OAuth authentication consumer and OpenID relying party

edited October 2010 in Vanilla 2.0 - 2.8
I wonder why there's no official supports for OAuth authentication and OpenID up to now (1.0.13). As they are open standards and already widely adopted by websites and softwares.

For a community website which has a more than one service (e.g.: forum, blog, wiki), they are very useful as they will make the users need only one account.

Will they be eventually officially implemented? Because I've seen that there are OpenID and OAuth library already included in the package but I didn't find their usage (or maybe I missed it?). Or through proxyconnect?

And if there's any guide or something to implement this, I don't mind to hack one (I've checked the proxyconnect but unable to figure out where I should start). If there's any skeleton or base code (for authenticator plugin), It'll be easier for me to get started.

*note: I'm currently creating a software (going to be an OSS) which does nothing but user account management (only the accounts, no profiles) and hack another softwares to use it as the only authentication path either by identity sharing (through OAuth, OpenID, OpenID Connect) or by session sharing (through socket).

Comments

  • yeah facebook connect and twitter OAuth , openid is rubbish
  • @usuario123 True. It's too complex. But the OpenID Connect is interesting though. Which will be on top of OAuth 2.0 http://openidconnect.com/

    And I think there's a usage of forum engine as feedback platform which users come only when they have problems. Users mostly don't value their account in this kind of usage. They will register (if they are not that too lazy) and post until their problem solved and gone. OAuth will make it easier for them by giving the 'throwaway account' facility.
  • yeah its true
  • OpenID has failed to communicate itself properly to the developers that may want to use it. There are the standards people who define how it works, and a massive gulf between them and the casual developer, with apparently no public forum in which people can go to to learn and ask questions. I tried to find such a place, and it simply does not exist, which is a shame.

    OpenID on the face of it looks incredibly useful and fills a user authentication gap for single-signon. OAuth is used to share data, which is something else altogether.
  • edited February 2011
    D
Sign In or Register to comment.