From MozillaWiki
< Labs‎ | Bespin‎ | DesignDocs
Jump to: navigation, search

OpenID Integration document

Note: Work in progress (this document isn't completed yet.)

Feature details

What's OpenID?

"OpenID is a free and easy way to use a single digital identity across the Internet."
For more information:
To get one :

Why OpenID?

  1. It's an open standard
  2. It's secure
  3. For companies, it's available in closed environment with a server running an OpenID service (there are many available out there)
  4. A single Id for all websites supporting OpenID (the number is growing and growing)
  5. It adheres to Bespin's mindset: using new ideas/technologies

How does it work?

Account registration

  • You first need to get an OpenID/OpenID provider ID : (And you probably already have one)
  • Once it's done, you fill the information (if any), and we create/register your account associated with your user id


When you come back on the web application you:

  • Click a sign in link/button
  • Choose a listed provider or enter your own OpenID provider
  • Are automatically redirected to your provider to confirm that you want to login (this step can be minimized if there's a popup windows in overlay that shows the provider website)
  • Getting back to your web server and Voilà!

How to reduce the steps number?

The following points will be studied:

  • Avoid redirection to another website by popping an overlay window with the embedded OpenID provider website
  • By following the OpenID best practice
  • See how Mozilla Weave can help in the process (by following the naming convention of openID login form)
  • More to come ...

Full switch to OpenID for Bespin?

Actually, because it's a radical change (to completly switch), we will see how it evolves. Our goal is to switch to OpenID, but it has to be as less frustrating as possible (seamless). At this time, it has been decided to:

  • keep the existing username/password functionality
  • add OpenID support
  • Offer to migrate the user account on OpenID
  • measure how people use it (and see how it goes for future adjustment, and eventually full switch)

Good OpenID integration => :o) :o) :o)

  • List all supported/most popular OpenID provider
  • Gives the option to signup/login using their own OpenID (if not listed)
  • There are alternatives of OpenID itself (Google, Yahoo, AOL, etc)
  • There is some information about OpenID

Not intuitive OpenId integration

Note: Not intuitive compared to the OpenID good practice guide


BespinOpenID bitbucket.jpg

BespinOpenID GetSatisfaction.jpg

  • No OpenID explanation (must have some informations briefly explaining what's OpenID, advantages, etc). It's very important to add the informations, because it's not that known by the common/new users
  • There's not place stating that you must create an OpenID, and then add/link other accounts to your OpenId account (,, etc) on their website
  • No popular provider listing (helpful for those how want to login via their known provider)


Back End

OpenID available Python libraries

JanRain's Python OpenID library is available at

Tables mapping

Bespin's Python code already uses SQLAlchemy, so we aim for that for mapping the tables to useful Python objects.

TODO: describe the user/auth tables mappings here.

Front End

Login Page