The WP.com Identify Provider interface is fairly sparse, with decent spoof-protection. As in, the landing pages are completely devoid of any links to Wordpress.com proper.

As expected, this is compatible with the WPOpenID plugin, letting self-hosted blogs consume Wordpress.com identity urls.

A few oddities

There is no Yadis XML document being produced, only the rel=”openid.server” html header. In addition to the top-level blog url, all posts and pages contain the following text:

<link rel=”openid.server” href=”http://user.wordpress.com/?openidserver=1″ />

My dream is, of course, to drop this plugin entirely, and have all the Wordpress code (WP, WP.com, WPMU, BBPress) consume and produce OpenID identities. It’s going to take a lot of work, but this is an excellent step in the right direction.

  add_action( 'hookname', array( $this, 'functionname' ) );

the object referred to by $this is copied, rather than referenced. Thus, internal object state is not preserved. That was a bugger to track down.

A new release is available for download, rev 78.

OpenID is an open, decentralized, free framework for user-centric digital identity. The wpopenid plugin lets visitors to a Wordpress blog quickly register, login, and leave comments using their OpenID. It streamlines the wordpress user registration loop, and aims to do it seamlessly in the context of the comment form.

After activation, the plugin hooks into wp-login.php, adding an extra field for OpenID login. Successfully logging in using this form auto-creates a real local Wordpress user, with Default Role capabilities, and takes them to their ‘profile’ page (or elsewhere, it honors redirect_to). They can promptly go commenting, or be promoted, or any of the other things normal wordpress users can.

The plugin also hooks to the comment form parser, watching for a POST field named ‘openid_url’ submitted along with the ‘comment’ text. In this case, the plugin sets a cookie with the comment text, and does an openid authentication redirect. If successful, the user is logged in, the comment is submitted, and the user sent back to the post.

Installation of the plugin is fairly painless, requiring no modifications to core files. Small template tweaks are recommended for maximizing the user experience.

I have a live demo of the plugin running inside a Wordpress-trunk blog at http://openid.verselogic.net/, as well as powering comments on this site.

Quite frankly, I’m tired of the headaches that synchronizing Wordpress with LJ brings. In addition to the problems of maintaining the mirror, I had to contend with the growing linkspam that was being generated.

I’ve started replacing each of my dependencies upon Livejournal with alternate solutions. I’ve been using a feed reader I hacked together to read various peoples blogs, instead of using my LJ friends page. I’m now commenting on other livejournals with OpenID rather than commenting with my LJ account. I implemented an OpenID consumer on this blog so that various livejournal users could comment on it easily. And now, with the assistance of Kitty, my blog at verselogic.net is being syndicated to livejournal.com/users/verselogic, so you LJ folks can easily friend that feed and continue along happily.

Last time I disabled comments people complained. No doubt people will complain again. I’ve tried to smooth the transition, but nothing is perfect.

The codepoetica livejournal account is going away, but I’m not.

Threw together a quick’n'dirty plugin for Wordpress this afternoon, now accepting arbitrary local account creation for OpenID identities. Anyone with an LJ or other OpenID server should be able to login and comment on this post.

Update: As requested, you can download the wordpress openid plugin source. This should be decompressed into the /wp-content/plugins directory, yielding 2 files, wp-openid.php and config/consumer_class.php.

config/consumer_class.php is my set of classes which implement an OpenID consumer. Based heavily on the structure of Brad’s perl implementation. Requires the HTTP Pear package. Does not implement Diffie-Hellman.

wp-openid.php hooks into Wordpress to provide the login form and authentication.

I might have to scrap the javascript chunks and roll back to an older revision. Much of the javascript was liberated from Brent Dax anyway. But seriously, this is a silly error, as it occurs when trying to set the contents of a textbox to an empty string. And if I comment that out, as it’s mostly cosmetic, the bug will show up somewhere else.

Error: [Exception... "'Permission denied to get property XULElement.selectedIndex' when calling method: [nsIAutoCompletePopup::selectedIndex]” nsresult: “0×8057001e (NS_ERROR_XPC_JS_THREW_STRING)” location: “JS frame :: http://azaphrael.org/~codepoetica/openid/ajax/this-demo.js :: anonymous :: line 181″ data: no]
Source File: http://azaphrael.org/~codepoetica/openid/ajax/this-demo.js
Line: 181

I think I’m going to take a little break from working on this consumer unless someone lights a fire under my butt this week.

Now that I’ve written this, watch it be a semi-invalid JSON data or some such difficult-to-debug crap.