I’m happy to announce that version 3.0 of the WordPress OpenID plugin is now available. As previously mentioned, there are a lot of new features in this release:
- OpenID Provider - Specific user roles can be given the capability of using the built-in OpenID provider, turning their author posts URL into a valid OpenID which can be used to login to other sites. This includes support for OpenID 1.0 and 2.0 as well as Simple Registration 1.0, with hooks to add other OpenID extensions.
- OpenID Delegation - Users authorized to use the built-in provider can optionally choose to delegate their OpenID to another provider instead.
- EAUT Mapper - Support for the draft Email Address to URL Transformation protocol. If you use an email address at the domain of your WordPress blog, you can now use use that email address to login wherever EAUT is supported.
- Extensibility - the plugin now has a number of public functions and hooks that other plugins can use to integrate with or extend the OpenID plugin. These are all documented here.
It’s worth mentioning that pretty much all of the new features require that you also have the XRDS-Simple plugin installed. There are also a number of other changes in regards to simplifying and stabilizing the plugin, than can be read about here.

22 Comments
First of all… You have done some awesome work! Thanks a lot :)
…but I have a little problem with EAUT and the mapping function: http://eaut.org/example/?email=pfefferle%40notizblog.org (I run the plugin in single-user mode)
Ups, I had a look at the source code and found the problem… the email-address I tried was not the one I used within my wordpress account. Now it works perfect. Thanks anyway ;)
Yeah, that needs to be documented better… It was kinda added last minute
Well done Will - magic stuff!
Thanks Will! This update fixes my Dreamhost issues!
it’s nice to see you are still working hard on this plugin. thanks.
i’m having one problem… i swear there used to be an option in version 2 that allowed you to require either name and email or an openid, but not all three for comments. without changing any of my other settings, i tried to add a comment with an openid url and got the error that name and email are required.
any way to do this?
Hi Will,
will your plugin work in a MPMu instalattion?
Bests regards,
@Nilton: I assume you meant WPMu? Yes, it works fine on the multi-user version of WordPress, as can be seen at http://blogs.gnome.org/
The wpopenid install on blogs.gnome.org is not problem free though. I don’t think the problems are WPMu related though.
Trying to use the OpenID Provider portion of wpopenid fails for many relying parties due to a bad interaction with the Bad Behaviour plugin. If an RP initiates the authentication process through a form post rather than a redirect, BB blocks the request because it is an off site form post.
I’d imagine a similar problem could occur in wpopenid’s RP half if the remote OP sent its response as a form post.
I’ve got no idea if this is something that can be addressed in wpopenid, or if it needs to be fixed in Bad Behaviour.
@James: Yeah, Bad Behavior causes a lot of problems, which I ranted a little bit about here. There’s nothing I can do about it in the OpenID plugin, it’s got to happen in BB. Unfortunately, because BB was designed to be a rather generic system (not just used for WordPress), changing some of things that need to be done may be a bit of work for them.
I’m using the verisignlabs openid now I’ll try using WordPress OpenID v3.0 with it.
Will, I just downloaded this plugin and tried to get it to work, without much success. It keeps sending me to the login page. I am not sure I will be able to post here either using my openid, but here goes.
@aun: I am unable to load your website (database error), so I can’t really look at what you’re describing. What is it that you are trying to do? Add an OpenID to your account? Login with an OpenID, after having added it to your account? Login at another site using your WordPress blog as your OpenID?
Will, using my openid (http://aunraza.com) on your site the first time seems to have worked, however, when I try to post a comment on my own site, or even try to login to my WP dashboard it keeps redirecting me back to the login page.
So, it didn’t work the second time round, and I’m having to comment without OpenID. Not sure what is going on.
@aun: Are you trying to login to your website, using your website as an OpenID? If so, that certainly won’t work… it’s a chicken and egg problem. The only way that would actually work is if you’re delegating your OpenID to another provider, which it doesn’t look like you’re doing.
We definitely need to add some more warning/error messages when users get into this kind of never-ending circular login flow.
doh! that worked. i knew it would be something simple! thanks will!
Just wondering what your thoughts might be on integration with Google and Microsoft’s recently announced provider services, especially the ability to use an email address as an id without an intermediate party like emailtoid.
@Josh: Meaning integration with wp-openid? Well, I’m hesitant to hard-code support for any OpenID Provider directly into the plugin. Google will be adding support for directed identity shortly, so that users just have to type “gmail.com” to login. Microsoft’s OpenID provider won’t be production until 2009, so I’m not too worried about it.
@Will: yes, I was thinking of wp-openid. The main thing I am thinking about is communicating to users on the login page what their options are. Most probably won’t (yet?) realize the OpenID thing would let them log in via gmail, so maybe some additional ui is in order?
I’ve upgraded to version 3.13 and I see the new option “Don’t require name and e-mail for comments left with verified OpenIDs.” I enabled that, but I still cannot post a comment using my OpenId URL. I get the same message that says “Error: please fill the required fields (name, email).” Please help!
Hi Will. I’m experiencing issues where I’m already including jQuery 1.2.6 in the theme, and then the plugin includes an older version too. Is there a possible workaround for this? I’ve tried to stop the plugin from including the jQuery script (function openidjssetup()) but didn’t have much luck. Any ideas? Thanks.
how are you adding jQuery 1.2.6 to your theme? Are you using WordPress’s enqueue_script and replacing the already-queued jQuery? If not, then that’s your problem.
One Trackback
[…] WordPress OpenID v3.0 Will Norris writes “I’m happy to announce that version 3.0 of the WordPress OpenID plugin is now available. As previously mentioned, there are a lot of new features in this release.” […]