On Sat, Dec 10, 2011 at 12:40 PM, Nelson Brown <brown...@gmail.com> wrote: > Hi Olemis, >
Hi! :) > So I don't have much of any experience with writing authentication schemes > using OpenID. I do, however, find it interesting so I poked around a little > bit and I'll share with you some of my thoughts. > thnx ! [...] > So I believe from what I read that you need to create a mapping of OpenID > authentications (many, Google, Yahoo, some custom service, etc) to exactly > one internal Trac user. See the reference here. [1] > This is not exactly the way I was thinking of mainly because I knew this was not supported by the plugin and it's a bit time-consuming to implement all this ... :-/ However thnx for sharing that article > If you look at the Wiki for OpenID authentication plugin [2], he mentions > the following: > > # You can use this option to map your OpenIDs to internal username. > #check_list = http://your.site.com/openidallow > #check_list_key = check_list > #check_list_username= > Ok , but that's not exactly what I was looking for ... [...] > > The part that does the name mangling in case the username is the same as > an authenticated name appears to be on line 590 in [4]. > > {{{ > def authnames(base): > yield base > for attempt in itertools.count(2): > yield "%s (%d)" % (base, attempt) > > for authname in authnames(authname): > ds = DetachedSession(self.env, authname) > if ds.last_visit == 0 and len(ds) == 0: > # At least in 0.12.2, this mean no session exists. > break > ds_identity = > ds.get(self.openid_session_identity_url_key) > if ds_identity == info.identity_url: > # No collision > break > }}} > ... this is it ! Briefly what happens is that the plugin only offers this simple method to bind OpenId logins to local usernames . It's lacking some binding mechanisms like those mentioned in aforementioned reference [1]_ . I plan to introduce an interface to implement custom binding algorithms, I'll refactor plugin code a little, then prepare a patch and submit it to package owner . I'll let you know once I have something ready ;) > Hope any of this helped, or I'm sorry if it led you off the trail. > Sure . Thnx very much ! > [1] http://www.plaxo.com/api/openid_recipe > [2] https://bitbucket.org/Dalius/authopenid-plugin/wiki/Home > [3] http://pypi.python.org/pypi/simplejson/ > [4] https://bitbucket.org/Dalius/authopenid-plugin/src/ebcf176ff6e3/authopenid/authopenid.py > -- Regards, Olemis Facebook => http://www.facebook.com/olemis Twitter => http://www.twitter.com/olemislc (@olemislc) Blog ES => http://simelo-es.blogspot.com Blog EN => http://simelo-en.blogspot.com Quora => http://www.quora.com/olemis Youtube => http://youtube.com/user/greatsoftw Get a signature like this. CLICK HERE. -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to trac-users@googlegroups.com. To unsubscribe from this group, send email to trac-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.
