Add support for RPX-enabled account mapping

[tardate]

Account mapping is a feature of the paid versions of RPX. It lets you associate the multiple signons a user may use with one account identity on your website.

Currently, this is not supported in authlogic_rpx

[tardate]

Merging issue #10 from John into this issue:

Allow multiple rpx identifiers to be associated with the same user 1 comment Created 1 day ago by jjb | edit Title

Body I would like my users to be able to sign in with any of the available SSO providers. As it is now, a user account has a single rpx_identifier field, and can only be associated with one SSO provider at a time. It would be great for a user to be able to have an arbitrary number of rpx_identifiers. This could be done with an entire extra table, or it would perhaps be an okay design to just store this as a serialized ruby array in the db. If you are interested in supporting this, I would be happy to help writing it. Thanks for listening, John or cancel

I would like my users to be able to sign in with any of the available SSO providers.

As it is now, a user account has a single rpx_identifier field, and can only be associated with one SSO provider at a time.

It would be great for a user to be able to have an arbitrary number of rpx_identifiers. This could be done with an entire extra table, or it would perhaps be an okay design to just store this as a serialized ruby array in the db.

If you are interested in supporting this, I would be happy to help writing it.

Thanks for listening, John

[tardate]

Hi John,

Thanks for suggesting this - its one of my "wishlist" items too. In fact, I'm going to close this issue and merge it with #1 - which was essentially the same thing.

One approach for this is to build the capability directly into Authlogic_RPX - as you say, not such a big deal to implement. I hadn't actually been considering going down this path (yet) because RPX inherently supports account mapping. The downside is that it is only in their paid options (one of the reasons I haven't implemented yet - too cheapo to buy a paid subscription yet;-). The benefit is that the mapping is done globally - so if an association has been made by a user using any RPX-enabled site, that mapping would be valid for your site too.

What do you think? Seems like there would be value in having both - a "poor mans mapping" directly supported by Authlogic_RPX, plus support for the RPX-enabled mapping (if you had a subscription that supported it).

[jjb]

My vote would be to have both features, and develop the non-rpx-account-mapping version (#10) first.

The great thing about RPX is that you can just use it as a convenience layer, and do all the other pieces in a standard way. If you take RPX out of the picture and roll your own authentication for each service, all your existing data remains valid.

I think that for the time being JanRain sees this as a strength-- they are big supporters of these identity services and using them the right way.

And, as you said, user account mapping isn't free.

So I say, let's build #10 first, and then #1 after that.

(okay, i'll admit some bias-- because of the projects i'm working on, i don't think i'll ever need #1)

[tardate]

OK, you convinced me;-) I'll edit/clarify the two issues to separate the objectives. I probably won't have the time to look at this for at least a few days - you interested in helping out? If so, be my guest to fork and try an approach;-) you can mail me direct at gallagher.paul(a)gmail.com to discuss the implementation if you like

[millisami]

My +1 goes for the mapping

[jjb]

Wanna reopen #10 and discuss the implementation there?

[jjb]

Ah, I see it is already reopened. :)

[mspanish]

Any progress on this mapping yet? :)

[tardate]

@mspanish - "internal mapping" support is included in 1.1.1, however there's been no progress on the native RPX-mapping yet (the main reason being that I do not have a pro account to test with at the moment).