Integrate an OpenID client into core

[rmccue]

As one of the most popular ideas as per ​the WordPress Ideas forum (​see idea itself) and having a ​$5000 bounty offered by the OpenID Bounty Program, I believe this would make a good enhancement for the core.

I'm willing to write a patch for this during my summer holidays (Dec-Jan) should I need to.

[DD32]

There's allready a lot of plugins around which attempt to be a openID provider/allow openID commenting.. But i've never found one which felt "nice" to use (or from a code perspective).

Allowing OpenID commenting would be the first step in my mind, ignore offering to be a identity provider at first.

I somewhat doubt the $5k bonus to WP is going to be much of a incentive, unless WP decides to give it to the implementor :)

[DD32]

Yeah.. Ok, I completely missed the word 'client' in the title..

[Otto42]

-1 to making anything particularly specific to OpenID at this point in time.

+1 to making the user authentication system more "pluggable". It would be nice if you could authenticate via OpenID, or Google's authentication system, or LiveID/Passport, whatever system you prefer.

With a more pluggable system, OpenID could then be implemented more easily. Ideally, you would be able to login to a blog using your OpenID, as well as the comment system allowing optional OpenID data retrieval (name, email, etc).

One recommendation to anybody attempting to implement this: Do NOT tie the commenting URL into OpenID. If I leave an anon comment on somebody's blog and it stupidly notices that my URL is a provider, then that does not necessarily mean that I want to authenticate my identity. Keep the OpenID url as a separate field.

[rmccue]

Replying to Otto42:

+1 to making the user authentication system more "pluggable". It would be nice if you could authenticate via OpenID, or Google's authentication system, or LiveID/Passport, whatever system you prefer.

Would it be worth creating a new ticket for this?

One recommendation to anybody attempting to implement this: Do NOT tie the commenting URL into OpenID. If I leave an anon comment on somebody's blog and it stupidly notices that my URL is a provider, then that does not necessarily mean that I want to authenticate my identity. Keep the OpenID url as a separate field.

Absolutely agree.

[nacin]

Closing this as maybelater -- no plans to ever integrate OpenID, and there's a plugin... For making the authentication system more pluggable, that deserves its own targeted ticket.