Having gotten OpenID delegation going I had to go and play some more.. 🙂

Now I was a bit puzzled about the OpenID XRDS Url mentioned in Eran’s plugin, I don’t see if being created at WordPress.com and the thought of just putting a URL in there and hoping is a bit, well, unsatisfying. Now that isn’t Evan’s fault, it’s just the fact that the WordPress service isn’t that well documented for delegation and I was hoping for something that would go a little bit further.

Before I found Evan’s OpenID Delegation plugin I came across Will Norris’s WP-Yadis plugin (originally wp-xrds) but it didn’t really work under PHP5 and so I had quickly skipped over it. Having found myself not quite happy with the outcome of using Evan’s (again, not his fault) I decided to go back and see if I could fix up the PHP4 code that wasn’t happy with PHP5.

Now it turns out it wasn’t that hard to fix, just 3 instances of foreach() where a variable needed casting to Array. That let me put in the OpenID Server Url and OpenID Delegate Server Url that I had been using previously and magically created a XRDS (aka Yadis) document. Brilliant I thought.

But wp-yadis could do more, it already had a set of definitions for a number of providers so that you could just pick the one you wanted and give it your username and let it automatically generate the URLs, but there wasn’t anything for WordPress. A bit more hacking later (to add a substitution to the server URL that was previously only happening on the delegation URL) and it was working!

I’ve sent Will the patch by email, but as the licensing isn’t clear I can’t really make it available here without Will’s approval.

Now that WordPress.com blogs include an OpenID server for free and most WordPress users have an account there as they need it for Akismet to work, it turns out they can use it as the invisible back end to authenticate via their own WordPress blogs (hosted elsewhere) using the concept of delegation.

I thought it would be interesting to try and get OpenID delegation going on this blog as a proof of concept, and because I’m tired of commenting on Tim Connors blog as anonymous. 🙂

Now whilst OpenID delegation requires nothing more than a couple of lines of HTML, on a site that is dynamically generated like a blog you need a bit of code to add that into the front page, otherwise it’s not going to work. With WordPress that is done via plugins and casting around I found Eran Sandler’s OpenID Delegate plugin which I took for a spin.

It’s easy to install, a single PHP file in your wp-content/plugins directory, and then an OpenID Delegation item appears in your Option menu. Clicking on that and you will see three cryptically named options:

• OpenID Server Url – this is the URL that access the OpenID server code
• OpenID Delegate Server Url – this is the URL for the OpenID that you possess
• OpenID XRDS Url – this is a URL for a special file that is supposed to control the delegation

Initially I tried setting http://????.wordpress.com/ for each field (where ???? is the name of my blog at WordPress.com) and that almost, but not quite, seemed to work according to the OpenID validator. It took me a while to figure out what was needed, but from this forum thread I found a clue that I’d missed a necessary option on the OpenID Server URL.

So, what got it to work for me (and presumably will for you too) is:

• OpenID Server Url: http://yourblog.wordpress.com/?openidserver=1
• OpenID Delegate Server Url: http://yourblog.wordpress.com/
• OpenID XRDS Url: http://yourblog.wordpress.com/

The proof that it works ?

A successful comment on Tim’s Live Journal using my blog as the OpenID server. That’s enough to make me happy..