33
edits
Labs/Bespin/DesignDocs/OpenIDIntegration: Difference between revisions
Labs/Bespin/DesignDocs/OpenIDIntegration (view source)
Revision as of 17:48, 2 June 2009
, 2 June 2009→Good OpenID integration
| (14 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
= OpenID Integration document = | = OpenID Integration document = | ||
Note: Work in progress (this document isn't completed yet.) | |||
== Feature details == | == Feature details == | ||
=== What's OpenID? === | === What's OpenID? === | ||
| Line 11: | Line 14: | ||
# It's an open standard | # It's an open standard | ||
# It's secure | # It's secure | ||
# For | # For companies, it's available in closed environment with a server running an OpenID service (there are many available out there) | ||
# A single Id for all | # A single Id for all websites supporting OpenID (the number is growing and growing) | ||
# It adheres to Bespin | # It adheres to Bespin's mindset: using new ideas/technologies | ||
===How does it work?=== | ===How does it work?=== | ||
| Line 26: | Line 28: | ||
*Click a sign in link/button | *Click a sign in link/button | ||
*Choose a listed provider or enter your own OpenID provider | *Choose a listed provider or enter your own OpenID provider | ||
* | *Are automatically redirected to your provider to confirm that you want to login (this step can be minimized if there's a popup windows in overlay that shows the provider website) | ||
*Getting back to your web server and Voilà! | *Getting back to your web server and Voilà! | ||
| Line 33: | Line 35: | ||
*Avoid redirection to another website by popping an overlay window with the embedded OpenID provider website | *Avoid redirection to another website by popping an overlay window with the embedded OpenID provider website | ||
* By following the OpenID best practice | * By following the OpenID best practice | ||
* See how Mozilla Weave can help in the process (by | * See how Mozilla Weave can help in the process (by following the naming convention of openID login form) | ||
* More to come ... | * More to come ... | ||
===Full switch to OpenID for Bespin?=== | ===Full switch to OpenID for Bespin?=== | ||
| Line 49: | Line 50: | ||
===Good OpenID integration=== | ===Good OpenID integration=== | ||
http://stackoverflow.com/users/login | http://stackoverflow.com/users/login | ||
<br /> | |||
http://ficly.com/authors/new => :o) :o) :o) | |||
<br /> | |||
* List all supported/most popular OpenID provider | * List all supported/most popular OpenID provider | ||
* Gives the option to signup/login using their own OpenID (if not listed) | * Gives the option to signup/login using their own OpenID (if not listed) | ||
* There are alternatives of OpenID itself (Google, Yahoo, AOL, etc) | * There are alternatives of OpenID itself (Google, Yahoo, AOL, etc) | ||
* There is some information about OpenID | |||
<br /> | |||
===Not intuitive OpenId integration=== | ===Not intuitive OpenId integration=== | ||
| Line 71: | Line 75: | ||
* There's not place stating that you must create an OpenID, and then add/link other accounts to your OpenId account (http://yourname.openid.org, http://twitter.com/yourname, etc) on their website | * There's not place stating that you must create an OpenID, and then add/link other accounts to your OpenId account (http://yourname.openid.org, http://twitter.com/yourname, etc) on their website | ||
* No popular provider listing (helpful for those how want to login via their known provider) | * No popular provider listing (helpful for those how want to login via their known provider) | ||
<br /> | |||
<br /> | |||
== Requirements == | == Requirements == | ||
=== Back End === | === Back End === | ||
==== OpenID available Python libraries ==== | ==== OpenID available Python libraries ==== | ||
==== | |||
JanRain's Python OpenID library is available at http://openidenabled.com/python-openid/ | |||
==== Tables mapping ==== | |||
Bespin's Python code already uses SQLAlchemy, so we aim for that for mapping the tables to useful Python objects. | |||
TODO: describe the user/auth tables mappings here. | |||
=== Front End === | === Front End === | ||
==== Login Page ==== | ==== Login Page ==== | ||
N/A | |||
==Sources== | ==Sources== | ||
http://wiki.openid.net/Details-of-UX-Best-Practices-for-OPs | *http://wiki.openid.net/Details-of-UX-Best-Practices-for-OPs | ||
http://wiki.openid.net/Details-of-UX-Best-Practices-for-RPs | *http://wiki.openid.net/Details-of-UX-Best-Practices-for-RPs | ||
http://wiki.openid.net/OpenID-OAuth-for-the-browser | *http://wiki.openid.net/OpenID-OAuth-for-the-browser | ||
http://wiki.openid.net/User-Experience-loose-ends | *http://wiki.openid.net/User-Experience-loose-ends | ||
http://code.google.com/intl/fr/apis/accounts/docs/OpenID.html | *http://code.google.com/intl/fr/apis/accounts/docs/OpenID.html | ||
http://openid.net/specs/openid-attribute-exchange-1_0.html | *http://openid.net/specs/openid-attribute-exchange-1_0.html | ||
http://wiki.openid.net/f/openid_ui_extension_draft01.html | *http://wiki.openid.net/f/openid_ui_extension_draft01.html | ||
http://openid.net/specs/openid-authentication-2_0.html | *http://openid.net/specs/openid-authentication-2_0.html | ||
http://code.google.com/p/step2/ | *http://code.google.com/p/step2/ | ||
http://step2.googlecode.com/svn/spec/openid_oauth_extension/latest/openid_oauth_extension.html | *http://step2.googlecode.com/svn/spec/openid_oauth_extension/latest/openid_oauth_extension.html | ||
http://oauth.net/code | *http://oauth.net/code | ||
== Roadmap == | == Roadmap == | ||
N/A | |||