David Recordon (daveman692) wrote in lj_dev,
David Recordon

OpenID and LJ Status Update

So the past few days brad and I have been working on OpenID. Brad's been focusing on updating the server and consumer packages to no longer use DSA but now DH/HMAC instead. I've been focusing on allowing you to use your OpenID identity to comment. This is an improvement on our status of a month ago where we could comment, using a non-intuitive interface, using OpenID only after we'd logged in, which is by far the rare use case. Usually [non-LJ] people will stumble upon LiveJournal from elsewhere, and immediately want to comment, not go login first. We also know we need to update http://www.openid.net/about.bml to be a much more descriptive page since consumer developers should link to it, like we do, in help context.

So what we do now is, on submit, store a "pending comment" (which gets a number), send the user for their OpenID auth loop, and when they come back, finish posting their comment. One of our regular maintenance tasks keeps the pending comments table clean, giving users a more than reasonable amount of time to finish the auth loop.

All very straight-forward, but I'm excited about it because this afternoon the DeadJournal guy (scsi) updated his beta-site with the new code, and I was able to leave comments back and forth from LJ's beta site and DeadJournal's beta site. This has been on our wishlist for 3-4 years now.

Probably as of tomorrow we'll update the production LiveJournal.com server code and DSA support will be gone. LifeWiki.net will also be updated to use the new consumer library. The new libraries are not backwards compatible with those being run on these two sites.

Currently the following sites have both OpenID server and consumer support enabled:
* http://goathack.livejournal.org:8020
* http://goathack.livejournal.org:8064
* http://trinary.deadjournal.org/

Your identity URL would be something like http://trinary.deadjournal.org/users/daveman/

You cannot currently comment between the two GoatHacks. Haven't fully investigated this issue, but is on my list for the morning.

We'd love you guys to test this out and play around with it. We've had one of Six Apart's awesome UI guys take a look at it and done a good range of browser testing, but the more the merrier. Constructive feedback, bug fixed, suggestions, etc are always appreciated! Code is in CVS if you'd like to review it and is easy to enable on your own install, $LJ::OPENID_SERVER and $LJ::OPENID_CONSUMER in ljconfig.pl respectively. Debian packages, that I built this afternoon, for the required modules can be found at http://goathack.livejournal.org:8064/debs/.

Anything I left out, ask.


More information on OpenID can also be found on the mailing list (http://lists.danga.com/pipermail/yadis/2005-June/thread.html) where I also stole part of this post from. ;)
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded