Wednesday, October 10, 2007

OpenID[ea]


Change of plans.
My previous idea of capturing OpenID request by making the browser an OP is out of the question. Its just not possible, the protocol doesn't allow for it (what if you're behind a router?)

Right.

So now the deal is I'm going to make an extension that acts as an OP manager and a liaison between the user and their OPs. Getting around the current authentication paradigm OpenID poses - authentication via redirection. My efforts are to push the authentication process client side. I also have to keep this as light weight and seemless as possible, as to not suggest to users that this is an external extension (even though it is) but instead give the illusion that its native to the browsers functionality.

You might be thinking well this is already done. Well yes and no, Sxipper does a good job of this but it also does 23809849209832 other things and is UI intensive (you should try it out its pretty nifty) and Beltzner pointed me to an extension called Appalachian that handles OP managing but still suffers from the authentication via redirection issue. That leaves some middle ground for this extension. I'll be posting whatever developments I make. At the moment I'm combing through Sxipper and Appalachian code to get and idea of how things are done.

Over'n out.

No comments: