I started writing this XRDS (Yadis) plugin for wordpress several months ago, but never really finished putting in the features I had planned. With so much going on in the OpenID community the past couple of weeks, I decided to blow the dust off and clean it up a bit.

I have to say though, I’ve been very frustrated with the direction a lot of implementors seem to be going with their OpenID deployments. It seems like everyone wants to be your identity provider… they’ll hold all your data and your password, and you can use them to login to all of the OpenID sites. Even better, you get to have a spiffy cool username with their corporate branding all over it like http://openid.somecompany.com/users/joeuser/. Isn’t that great?! *sigh* While this is all well and good for a lot of people that need something like that, this completely ignores the whole user-centric identity model this is all based on. Unless a user is ridiculously devoted to your site and community, they don’t want an ID under your domain. If you’re someone like Technorati, then all of your users likely have their own blog anyway, and thus their own URL to use for OpenID! It seems that very few of the larger Identity Providers out in the wild today are really making an effort to advertise the delegation feature of OpenID, which I think is by far one of its most attractive qualities. The beauty of delegation is that someone else gets to do the grunt-work of supporting the infrastructure for actually running the IDP, but your public face is always at your own domain. Your identity is still your own… always. If a provider says mean things about your cat or won’t respond to your constant MySpace friend requests, it takes about 10 seconds to jump ship and move somewhere else. This also helps to ensure constant competition between providers to develop the best tools for managing your identity and keeping it secure. While I’m curious to see what the business model will actually be in running an Identity Provider, this model is certainly in the best interest of the end-user.

So how do you actually delegate your OpenID to another server? It’s actually relatively simple, even if you’re doing it by hand. All it requires is a couple of lines of code at the top of your webpage that identifies what server you want to use, and the ID that server knows you as. This plugin does just that, but gives you a nice interface for managing it and won’t break when you change themes. Eran Sandler actually has another plugin that does this exact thing; it’s a little simpler in implementation but he has much better user documentation in the config screens… hey Eran, you interested in working together?

Get the plugin at http://willnorris.com/projects/wp-xrds/

Comments and responses

Glad to hear you're going to get the Yadis plugin going!

As for delegation, I think most of the providers talk quite a bit about it. I know we (JanRain) promote it in our FAQ and most of our users use it already. Also, we'll be making an announcement tomorrow about an even cooler way to use delegation ... :-)

Well the primary thing about it is that instead of telling the plugin where your XRDS file is, the plugin builds it for you on the fly... after selecting your provider and giving it your username, there really is nothing more to do. For example, my file (http://willnorris.com/xrds.xml) doesn't actually exist on my webserver, wp-xrds intercepts the request and builds the response based on the providers I have configured. In terms of functionality, it's simply an extension of your plugin, though the implementation was independent.

I'm a lit undecided on advertising it as an XRDS plugin since few people know what that is. It's currently hardcoded to only use OpenID providers, so it's a little misleading. I'll likely either rename it, or expand it to include non-OpenID providers (thought with the popularity of OpenID, I kinda wonder what's the point?).

(edit) I should also add/clarify, that the plugin also creates the openid link tags directly in your html, so you can still access applications that don't understand XRDS. If you have multiple providers configured, your first one is used for these links.

Will, I was looking into creating such a plugin myself, but after seeing this you seem to be in a far better state than I am :-)

I was also thinking along these lines but figured that one cannot really intercept the xrds.xml call in all platforms (specifically on Windows) so I would simply generate it on the fly whenever someone saves the configuration.

If you need help with anything regarding the plugin itself ping me at [my first name]@sandler.co.il.