[wp-hackers] GSoC Proposal: OpenID core implementation
Artur Ferreira
artur.g.ferreira at gmail.com
Thu Mar 27 23:32:23 GMT 2008
Hi,
My proposal is about the implementation of OpenID authentication into
wordpress core.
== What is OpenID ==
OpenID is a decentralized identity, free and open standard that allows
users to log on to multiple sites using a single digital identity,
eliminating the need for different credentials for each site the user
participates.
== How wordpress would benefit from this ==
Using OpenID as authentication method users could have only one
credential for multiple wordpress blogs breaking a wall in user
interaction thereby removing the trouble of needing to register for
posting a comment, this would be further applied to all N blogs read by
the user.
== My Project Proposal ==
Although there are plugins for OpenID (WP-OpenID), the core
implementation could extend this feature and future plugins
(implementing other features) could benefit from this.
The implementation will have three modes of operation:
disabled - the OpenID authentication is disabled.
dual - both standard user authentication and OpenID can be used.
exclusive - only OpenID authentication for both users and administrators.
The OpenID users will be exposed to the same features (if compatible)
that standard users have, like comment auto-approval.
Themes Template changes to support OpenID on comments box.
OpenID user control, you can ban a user for inappropriate behaviour or
ban it for spam, although in the time being there are no reports of
openid based spam, but it could happen in the future. This spam-ban list
could be exposed so that other wordpress blogs could request it and
update their own openid users spam list, using an RPC or simply a GET
method, creating a mesh network for keeping friendly blogs updated (and
warn the openid provider).
Possible additional contributions (time permitting):
- In exclusive mode, user registration will create an openid for the new
user, using myopenid API or other openid provider.
- Microformat hCard generation on the default About page.
All the configuration will be available through the options panel on the
wordpress administration.
This will bring native wordpress support for the next generation of user
management and authentication.
== Information ==
myOpenID - openid provider - http://www.myopenid.com
Wikipedia article - http://en.wikipedia.org/wiki/OpenID
Any thoughts ?
Will be glad to hear some suggestions.
Thanks!
Best regards,
- Artur Goulão Ferreira
More information about the wp-hackers
mailing list