Open GoogleCodeExporter opened 9 years ago
GoogleCodeExporter
commented
9 years ago additionally (IMO) it should use the OpenID attribute exchange to grab as many
details as possible to pre-fill the form:
http://openid.net/specs/openid-attribute-exchange-1_0.html
:-)Original comment by joelmart...@gmail.com on 23 Apr 2008 at 6:16
GoogleCodeExporter
commented
9 years ago We currently use Simple Registration Extension (sreg) to accomplish this. In the
current release we only pre-fill the email field, in the version in the
development
branch we also pre-fill the username field. We may switch to attribute exchange
in
the future, but for now I think sreg is more widespread.Original comment by dhofs...@gmail.com on 24 Apr 2008 at 12:51
GoogleCodeExporter
commented
9 years ago One step further would be to build some way to exchange OpenIDs between sites.
Maybe
there is already some specification for that, but just in case there isn't :
1. I'm logged in through OpenID on a Relying Party A (RPA). My OpenID is oRPA
(it
could be provided by RPA, but not necessarily).
2. Browsing RPA, I'm clicking on a link pointing to a site (RPB) implementing
the
same mechanism (could be discovered by some XRDS magic, couldn't it?). RPA made
the
link to include some "token" (easiest thing would be plain-text version of
oRPA) as
an URL parameter.
3. I need to authenticate on RPB. RPB can start OpenID auth using oRPA.
4a. oRPA already have an account on RPB. Depending on my OpenID settings, I may
need
to re-allow RPB or not.
4b. oRPA is unknown on RPB. I'm redirected to my OpenID, and then to an RPB's
registration form (as pre-filled as possible given the sReg stuff available).
Sounds naïve, but it would be a more transparent way of travelling between
"decentralised" websites.Original comment by larry...@gmail.com on 23 Feb 2009 at 3:51
Original issue reported on code.google.com by
dhofs...@gmail.comon 23 Apr 2008 at 3:15