I’ve been working on an OpenID plugin for Wordpress.
OpenID is an open, decentralized, free framework for user-centric digital identity. The wpopenid plugin lets visitors to a Wordpress blog quickly register, login, and leave comments using their OpenID. It streamlines the wordpress user registration loop, and aims to do it seamlessly in the context of the comment form.
After activation, the plugin hooks into wp-login.php, adding an extra field for OpenID login. Successfully logging in using this form auto-creates a real local Wordpress user, with Default Role capabilities, and takes them to their ‘profile’ page (or elsewhere, it honors redirect_to). They can promptly go commenting, or be promoted, or any of the other things normal wordpress users can.
The plugin also hooks to the comment form parser, watching for a POST field named ‘openid_url’ submitted along with the ‘comment’ text. In this case, the plugin sets a cookie with the comment text, and does an openid authentication redirect. If successful, the user is logged in, the comment is submitted, and the user sent back to the post.
Installation of the plugin is fairly painless, requiring no modifications to core files. Small template tweaks are recommended for maximizing the user experience.
I have a live demo of the plugin running inside a Wordpress-trunk blog at http://openid.verselogic.net/, as well as powering comments on this site.
11 Comments
Okay… in layman’s English… what does this plug-in do again?
To the previous commenter: it lets you log into WordPress by proving you\’re logged into another site, like LiveJournal. (They invented OpenID, although other people use it.) For example, I typed \”brentdax.livejournal.com\” into the OpenID box to make this post; the plugin checked that I was logged into LiveJournal as brentdax, and once it saw that I was, it created a WordPress account for me. I can now log into that account in the future by proving I\’m logged in on LiveJournal.
This looks pretty fantastic, Alan. However, the OpenID box on this page has black text on a nearly-black blackground–maybe it didn\’t get the style rule setting the background to white or something? I\’m using Firefox 1.5.
Laymen’s English, eh? =)
I have a blog, http://verselogic.net. With OpenID, I can use this as an Identifier to login to other websites, while maintaining control over my identity server.
This plugin is an openid consumer, one half of the system. It talks to an openid server somewhere (which actually controls the identity url) to assert whether I, the commentor, am actually http://verselogic.net. If so, it lets me leave a register or login to a wordpress account, and comment with that ID.
It functions similarly to Typekey or Passport. But it’s not federated identity: You never enter a password on ‘member sites’, and the consumer never knows anything about you other than an assertation of ownership over a url (or with the sreg extension, whatever other details you chose to provide).
=) coowl
This is a test comment – please ignore me :-)
Hello! After testing many different OpenID plugins for Wordpress, this seems to be the easiest I’ve found out so far, for the following reasons:
- It includes all required libraries (ie. JanRain’s)
- It does not require any tinkering with existing PHP (ie. allowing better and easier switching of themes)
- It fall backs correctly to OpenID’s “dumb mode”. My previous experience with hosting providers who do not have either GMP or BCmath installed have been a true nightmare!
- Thus, it runs fine on Dreamhost (one of the hosting providers I use) without needing to recompile PHP or changing php.ini, etc. This is a true blessing! Sure, “dumb mode” is not fantastic, but it works… and that’s all that counts for me!
Now I just need courage to upgrade and update my own primary blog… but at least the many others I use will over time be converted to your plugin :) Thank you very much!
A slight issue I’ve found. My current PHP 5.1.4 installation does not like line 160 of user-interface.php when $link is ” (it gives a PHP warning). I simply changed that line to check first if it’s null or not. A very minor and slight change, which most people will never notice, unless they have some debugging on.
Thanks for the feedback, Gwyn! I wasn’t aware that $link might be zero length there; fixed. edit: should have been using strpos() anyway.
Wow, now that’s was a fast reply. :) Thank you again!
Perhaps I might encourage you one day to take a look at Second Life, and the integration of OpenID with Second Life for people using their Second Life avatar names as a way to post comments on OpenID-enabled WordPress blogs…
I tried using this plugin and configured it to add my site as an OpenID, only to find that the configuration panel in the User menu doesn’t exist. I also get an error that says the OpenID at the server endpoint doens’t exist. I’m not really sure what went wrong. I submitted a bug report on th SourceForge site, but so far I’ve not seen any activity anywhere to provide help in troubleshooting this. I’d love to set this up – I think it’s a great idea – but so far everything I’ve tried ends up not working. Is there a minimum PHP or MySQL requirement to use this plugin?
Can you retrieve and use the avatars from a wordpress OpenID in a non-wordpress blog?
I just found out the answer.