Delegating your OpenID so it works with Wordpress Plugin

I recently installed the wp-openid plugin on this blog, to allow people to identify themselves with an OpenID in comments. One downside (pointed out by John) is that when you do this, your name above the comment will link to your OpenID URL rather than to your blog. Bummer!

So I deactivated the plugin and hunted around the Web for a solution. This post will explain the solution: how to delegate from your blog to your myopenid URL, so that in effect your blog URL becomes your OpenID URL. Once you've done this, you'll be able simply to enter your blog URL in the Website field of the comment form. Neat!

OpenID delegation works like this:

  1. You set up an OpenID URL at www.myopenid.com (or some other openid provider)

  2. You put some fancy code into the header of your blog that points openid authentication requests to the OpenID URL you set up already

  3. There is no step 3.


The fancy code should be as simple as this:
<link rel="openid.server" href="http://www.myopenid.com/server" />

<link rel="openid.delegate" href="http://robertjones.myopenid.com/" />

but unfortunately not all OpenID implementations seem to support this - some, including the wp-openid plugin, only recognise the more sophisticated YADIS format. Setting up YADIS involves putting something like this in the header:
<meta http-equiv="X-XRDS-Location" content="http://www.jonesieboy.co.uk/yadis.xml" />

along with a  matching yadis.xml file on your server that looks like:
<?xml version="1.0" encoding="UTF-8"?>

<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)"

xmlns:openid="http://openid.net/xmlns/1.0">

  <XRD>

  <Service priority="10">

  <Type>http://openid.net/signon/1.0</Type>

  <URI>http://www.myopenid.com/server</URI>

  <openid:Delegate>http://robertjones.myopenid.com/</openid:Delegate>

  </Service>

</XRD>

</xrds:XRDS>

If you are using Wordpress, the wp-yadis plugin takes care of the whole thing automatically. If not, you can get full details of how to set delegation up on Sam Ruby's blog: OpenID for non-SuperUsers.

As always, this technology is way too user-unfriendly now, but over the next few months I'm sure that euqivalents to the wp-yadis plugin will come along for most blogging platforms.

I'll post a couple of comments to this post to show the use of my myopenid URL and the use of this blog as a delegated openid.

Comments

  1. I've used my myopenid url to identify myself for this comment, which is why my name links to that url.

    ReplyDelete
  2. Whereas I have used my blog url to identify myself for this post. The blog simply redirects to the myopenid url for identification, but my name now links to this blog. Sweet!

    ReplyDelete
  3. Hi Robert,
    I think I've fixed my blog as per these instructions.

    ReplyDelete
  4. Hi John. I had a look at the source of your blog, and the header refers to http://www.sandaigprimary.co.uk/pivot/yadis.xml but this file doesn't seem to exist.

    ReplyDelete
  5. Great writeup... delegation is certainly one of the most exciting, yet also one of the most overlooked, features of OpenID.

    we're looking to expand the scope of wp-openid so that it incorporates the functionality of wp-yadis as well as a full OpenID server. Perhaps at that point we can make things a little more user-friendly.

    ReplyDelete
  6. Hi Will - great job on the wp-openid plugin :)

    Would it take a lot of work to make the plugin deal with the simple "link" style of delegation? I used PHP before moving to the beautiful world of Ruby a couple of years ago, so I might be able to help given a few pointers.

    ReplyDelete
  7. Hi Robert,
    I think I must have been a wee bit careless with ftp, I wonder where it ended up;-)
    Fixed now I hope.

    ReplyDelete
  8. If you are delegating, wouldn't it be easier to go all out and point directly at your myOpenID XRDS document?

    Just set X-XRDS-Location to http://robertjones.myopenid.com/xrds and it will expose all the capabilities of the provider, including OpenID 2.0 support.

    ReplyDelete
  9. Hi James - thanks for this great addition. I guess it would be better to use your own yadis.xml file if you wanted to delegate to a number of openid urls that you wanted to prioritise, but otherwise your solution is much neater. I'll update the post to include it.

    ReplyDelete
  10. Thanks for this precious information. If I don't leave a 2nd comment it's that my test is successful... :-)

    ReplyDelete
  11. This is a very useful article! I have been trying to find out more about OpenId for a while and most explanations sort of go round in circles.

    Thanks for your information.

    Sarah

    ReplyDelete
  12. Other instructions online for setting this up are far more complicated than they need to be. So thanks for the information.

    ReplyDelete

Post a Comment

Popular posts from this blog

Learning styles are a myth and I am not an auditory learner

Knowing and Understanding in Mathematics

Some Thoughts about Skills-Based Curricula