Support for OpenID

[filips123]

Add support for login with OpenID. Even if OpenID is old, it is still good and used in many libraries. This would enable easier auth because many libraries support OpenID but not IndieAuth.

This was already possible in old IndieAuth.com website and should also be possible on the new one.

[aaronpk]

I don't see any value here for supporting OpenID in indielogin.com. All that would do is let you use your existing OpenID provider as one of the authentication options alongside GitHub/Twitter/IndieAuth/email etc. Given that there are virtually no OpenID providers left, this means the only people who would benefit from this are people running their own OpenID provider. But library support for that is also very small now, and will only continue to get worse, since the spec has been deprecated for years. If you're willing to run your own OpenID provider, then I would encourage you to instead look at IndieAuth which is much simpler to implement, and there are also self-hosted options for that as well.

If you are referring to the other half of indieauth.com which acted as an OpenID provider, that would be a feature request for the other half of its replacement, since indielogin.com does not act as an identity provider at all.

[filips123]

I am referring to indieauth.com as OpenID provider. Where should I then request this feature? And what is actually difference between indieauth.com and indielogin.com? I though indielogin.com is just updated website with new name but same functionalities.

Support to act as OpenID provider would be useful. There are still many maintained and popular OpenID clients for many languages which could then be used with IndieAuth.

[aaronpk]

This was the reason for splitting indieauth.com out into two services, it's too confusing having the same service provide both.

1) indielogin.com is the replacement for indieauth.com's "developer API" to log users in. In this mode, the developer has the relationship with indielogin.com, and ideally users wouldn't even really see it. (If your site supports IndieAuth, then you'll never see indielogin.com when logging in to a site that uses indielogin.com) 2) I haven't yet launched the replacement for indieauth.com's identity provider half. This is the half that acts as your own IndieAuth endpoint. In this mode, the user has the relationship with the service. In the mean time, there are other IndieAuth providers you can use.

[filips123]

So OpenID provider fits into the second part? Then please implement OpenID 1 and 2 when you will make that second part.

[Mikaela]

I originally reached this issue when I followed https://indieweb.org/OpenID#Setup wanting to add mikaela.info as OpenID on Gitea, but if I understood correctly it's OpenIDv2 or something while IndieAuth.com is OpenIDv1. Is this the same issue?

I am aware of https://github.com/go-gitea/gitea/issues/3837#issuecomment-394359165, which however is only for Gitea.

[aaronpk]

@filips123 yes that's correct, it would be part of the other service, not this one.

@Mikaela how did you end up at indielogin.com following those instructions? That page on the wiki talks about using indieauth.com which supports OpenID 1. If Gitea only supports OpenID 2 then it likely won't work.

[Mikaela]

I have no idea.

[aaronpk]

I'm going to close this issue since IndieLogin can't be an OpenID provider (described here), and I have no intention of consuming OpenID here either.

[filips123]

@aaronpk Why? I think that OpenID should be implemented in that second part (replacement for indieauth.com's identity provider half) and that issue should be opened until it is implemented. Even if OpenID is old, it is still good and used in many libraries. This would enable easier auth because many libraries support OpenID but not IndieAuth.

[aaronpk]

I think that OpenID should be implemented in that second part (replacement for indieauth.com's identity provider half)

Maybe! But that's a discussion for that project, which is not this one.

[filips123]

But that's a discussion for that project, which is not this one.

I know. But is there already any repositoy or place where we could discuss this?

[aaronpk]

Nope, I haven't started that project yet :-(

There are plenty of other IndieAuth providers that you could ask for OpenID support on though.