WordPress OpenID v3.0

I’m happy to announce that version 3.0 of the WordPress OpenID plugin is now available. As previously mentioned, there are a lot of new features in this release:

  • OpenID Provider - Specific user roles can be given the capability of using the built-in OpenID provider, turning their author posts URL into a valid OpenID which can be used to login to other sites. This includes support for OpenID 1.0 and 2.0 as well as Simple Registration 1.0, with hooks to add other OpenID extensions.

  • OpenID Delegation - Users authorized to use the built-in provider can optionally choose to delegate their OpenID to another provider instead.

  • EAUT Mapper - Support for the draft Email Address to URL Transformation protocol. If you use an email address at the domain of your WordPress blog, you can now use use that email address to login wherever EAUT is supported.

  • Extensibility - the plugin now has a number of public functions and hooks that other plugins can use to integrate with or extend the OpenID plugin. These are all documented here.

It’s worth mentioning that pretty much all of the new features require that you also have the XRDS-Simple plugin installed. There are also a number of other changes in regards to simplifying and stabilizing the plugin, than can be read about here.

Comments and responses

First of all… You have done some awesome work! Thanks a lot :)

…but I have a little problem with EAUT and the mapping function: http://eaut.org/example/?email=pfefferle%40notizblog.org (I run the plugin in single-user mode)

it’s nice to see you are still working hard on this plugin. thanks.

i’m having one problem… i swear there used to be an option in version 2 that allowed you to require either name and email or an openid, but not all three for comments. without changing any of my other settings, i tried to add a comment with an openid url and got the error that name and email are required.

any way to do this?

The wpopenid install on blogs.gnome.org is not problem free though. I don’t think the problems are WPMu related though.

Trying to use the OpenID Provider portion of wpopenid fails for many relying parties due to a bad interaction with the Bad Behaviour plugin. If an RP initiates the authentication process through a form post rather than a redirect, BB blocks the request because it is an off site form post.

I’d imagine a similar problem could occur in wpopenid’s RP half if the remote OP sent its response as a form post.

I’ve got no idea if this is something that can be addressed in wpopenid, or if it needs to be fixed in Bad Behaviour.

@James: Yeah, Bad Behavior causes a lot of problems, which I ranted a little bit about here. There’s nothing I can do about it in the OpenID plugin, it’s got to happen in BB. Unfortunately, because BB was designed to be a rather generic system (not just used for WordPress), changing some of things that need to be done may be a bit of work for them.
Will, I just downloaded this plugin and tried to get it to work, without much success. It keeps sending me to the login page. I am not sure I will be able to post here either using my openid, but here goes.
@aun: I am unable to load your website (database error), so I can’t really look at what you’re describing. What is it that you are trying to do? Add an OpenID to your account? Login with an OpenID, after having added it to your account? Login at another site using your WordPress blog as your OpenID?

Will, using my openid (http://aunraza.com) on your site the first time seems to have worked, however, when I try to post a comment on my own site, or even try to login to my WP dashboard it keeps redirecting me back to the login page.

So, it didn’t work the second time round, and I’m having to comment without OpenID. Not sure what is going on.

@aun: Are you trying to login to your website, using your website as an OpenID? If so, that certainly won’t work… it’s a chicken and egg problem. The only way that would actually work is if you’re delegating your OpenID to another provider, which it doesn’t look like you’re doing.

We definitely need to add some more warning/error messages when users get into this kind of never-ending circular login flow.

Just wondering what your thoughts might be on integration with Google and Microsoft’s recently announced provider services, especially the ability to use an email address as an id without an intermediate party like emailtoid.
@Josh: Meaning integration with wp-openid? Well, I’m hesitant to hard-code support for any OpenID Provider directly into the plugin. Google will be adding support for directed identity shortly, so that users just have to type “gmail.com” to login. Microsoft’s OpenID provider won’t be production until 2009, so I’m not too worried about it.
@Will: yes, I was thinking of wp-openid. The main thing I am thinking about is communicating to users on the login page what their options are. Most probably won’t (yet?) realize the OpenID thing would let them log in via gmail, so maybe some additional ui is in order?
I’ve upgraded to version 3.13 and I see the new option “Don’t require name and e-mail for comments left with verified OpenIDs.” I enabled that, but I still cannot post a comment using my OpenId URL. I get the same message that says “Error: please fill the required fields (name, email).” Please help!
Hi Will. I’m experiencing issues where I’m already including jQuery 1.2.6 in the theme, and then the plugin includes an older version too. Is there a possible workaround for this? I’ve tried to stop the plugin from including the jQuery script (function openid_js_setup()) but didn’t have much luck. Any ideas? Thanks.

Thank you for this plugin. It’s wonderfully implemented - far better than any of the previous ones.

I’m curious, with the recent release of Wordpress 2.7 - are there any known issues to be aware of when upgrading Wordpress?

Just thought I’d check with the creators before upgrading to 2.7….

I’ve been running beta releases of 2.7 for several weeks now, and the OpenID plugin works just fine. I’ve got a new release in the works that fixes a few minor bugs and fits the 2.7 look and feel a little better. No major functionality changes, though.

I just updated three different Wordpress installations that were using your OpenID plugin, to Wordpress version 2.7. I’ve seen no problem with it.

Thanks yet again Will for all your work on this… It’s greatly appreciated.

By the way, your site here seems to be putting in extra stuff in the OpenID URI on people’s posts.

For example, my link gets this ' rel=external nofollow tacked onto the end of it, which confuses the site linked to.

That doesn’t seem to be a bug in wp_openid 3.1.4 - which my site is using - which doesn’t do that same thing….

Anyway, just wanted to say, in case you didn’t know, or in case I’m just experiencing some unique strangeness of my own.

Sure. When I mouse over our OpenID names on your blog, the link gets extra stuff added to the end. Except for your name, which I can’t even click on, even though it looks like a link.

http://orbum.net/mark/files/Mousing_over_My_Name.jpg

http://orbum.net/mark/files/Mousing_over_Wills_Name.jpg

http://orbum.net/mark/files/Mousing_over_Amilcars_Name.jpg

When you click on them, you get a ‘not found’ on the blog it’s linking too, because it’s looking for a page called ' rel=‘external nofollow

I’m using the OpenID Wordpress plugin (v.3.2.2) with a Wordrpess-mu install.

The 3.2.2 works again (the previous version broke when I updated to WPMU 2.7).

The problem I’m having is when I try to submit any changes on the OpenID plugin settings page. I receive a message: “Error! Options page not found.”. options.php is the file that is being called in my browser when this happens.

Any ideas?

Any chance someone can check the posts on the WP forums? I’ve had a query up for 2 weeks with no response (not the only one with the same error).

http://wordpress.org/support/topic/257773?replies=2

Here’s the content of my request:

Running OpenID 3.2.2 on WP 2.7.1.

Every time I try to add a new OpenID I get the message “OpenIDloginfailed:Invalidopenid.modeNomodeset”.

I’m logged into the MyOpenID site already and have used the id elsewhere without issues, so the id is valid and already logged in.

Help?

Hi. I am glad that you have made this plugin - it’s just great that every site doesn’t need a new sign up necessarily.. Anyway.. There seems to be a small problem with your plugin..

I was using a plugin that enables a login widget in my sidebar (one that tells that it supports openid if openid plugin is installed) - and I noticed that it didn’t work very nicely - so how to continue from here? I decided to create my own plugin and make it a fancy one :)

Until I ran into problems which where similar to problems I encountered with pre-done plugin I mentioned in the beginning.. Finally I was able to isolate this problem to your openid-plugin as a cause..

WP 2.7.1 comes with jquery 1.3 branch and with jquery UI 1.7 branch - your plugin uses jquery XPATH plugin to bring back XPATH compatibility that was removed from jquery in 1.3 - unfortunately this doesn’t seem to work very well as I am now unable to use jquery UI’s tabs part at all.

Safari reports this: TypeError: Result of expression ‘A.cookie’ [undefined] is not a function.

If I remove your plugin or remove file jquery.xpath.min.js (so it cannot be loaded) - everything seems to go just fine - although I don’t know how well your plugin performs without it..

Would there be a possibility that you could get your xpath plugin fixed or use functions that exist in jquery? I checked some files and noticed that under folder Yadis there are lot of occurances about xpath so this isn’t propably anything like 5 minutes of coding, but…

I am getting the following when I try to login with my Gmail OpenID:

“Your have entered a valid OpenID, but this site is not currently accepting new accounts.”

XDRS-Simple 1.0 and OpenID 3.2.2 are installed and all users are checked in the Settings.

What do I need to do to fix this problem?

The OpenID plugin respects the WordPress setting which allows new people to register. You need to go to the WordPress General Settings page and check the box that says “Anyone can register”. Otherwise, OpenIDs can only be added to existing WordPress user accounts.

Will,

How do I turn off the ‘Email Mapping’ option as I need to use Gmail as the Provider? I see code referring to the mapping option in the plugin’s admin-panels.php file, but don’t see that setting option in Dashboard | Settings | OpenID.

As is, with mapping on, a new WordPress user is created but doesn’t provide first and last name (maybe even nickname,and password?) that I’m hoping to get from Gmail. And the emailtoid OpenID is less than memorable, user-friendly.

What changes do I need to be make to the plugin so I can use Gmail? And would the Gmail OpenID be the same as the Google account used to login to Gmail, e.g., ‘accountname@gmail.com’, or would it be ‘gmail.com/u/accountname’?

I’m trying to upgrade a site where members (seniors, ages 55-90+, many who are not very sophisticated or experienced net users) can login to Gmail with a single, memorable username and then access the WordPress blogs without needing to register (or be registered) with another username and password (see: OLLI at Auburn Blogs).

Thanks.

  • Tom

Whoa! I just checked back and noticed that the code for email mapping in admin-panels.php was commented out! When I uncommented it the plugin would no longer work.

So how is it possible for this plugin to handle OpenIDs other than by email mapping via emailtoid.net?

I am trying to get openid set up on an MU installation. It apears that the code has an issue with obeying the settings for allowing new registrations. this setting is not in the WordPress General Settings page in MU.. it is in the Site Admin -> Options page. I verified that changing the value allows me to create a new user / blog or not with a regular logon, but when it is attempted with an OpenID URL, I get the same error as above:

Your have entered a valid OpenID, but this site is not currently accepting new accounts

Also, I do have the patch for bug 121 applied to my install and that part does work correctly.. Are there other patches I might have missed?

Got an error OpenIDloginfailed:Invalidopenid.modeNomodeset while trying to add my Verified OpenID.

P.S.: WP 2.8.2 openid 3.2.3

Thank you for the greatest plugin and for looking into this issue.