looking for a module name for an OpenID "dispatcher"

14 views
Skip to first unread message

Roger Crew

unread,
Oct 18, 2011, 8:17:02 PM10/18/11
to openi...@googlegroups.com
(...I'm somewhat unclear on the process for grabbing namespace
    i.e., beyond the general principle of Talk to People.
    Since all of the various documents on this seem to be 10 
    years out of date, and apparently very few people are reading 
    comp.lang.modules.perl anymore, here goes...)

I suppose the main question for *this* group would be how 
you'd all feel about my grabbing a name like 

   Net::OpenID::Dispatch   or
   Net::OpenID::DWIM

or whether there are better options out there

The module in question provides CGI/Apache::Request -style handlers
-- modulo the Small Matter that since Plack/PSGI has appeared on the
scene since I started writing this, I should probably just adapt it to that
world and call it a day, which would simplify things immensely --

that would:

(*) take a user-provided identifier (be it a username, email address, 
    literal openID, or ID provider domain name,...), 

(*) launch into whatever ID-discovery or provider conversation is 
    necessary to authenticate via *one* of the OpenIDs or OpenID-like 
    mechanisms that user has *previously* registered for his/her account,

(*) invoke a local password-authentication if no providers are 
    actually registered with the account in question. 

(*) redirect back to some predetermined place once *some* 
    corresponding ID is established. 

The point is to be able to easily put up 

(*) a sign-in form with ONE field in it, the user types something, and 
    we just Do The Right Thing to get them signed in, via whichever 
    provider(s) they've previously specified for their account is 
    available at the moment. 

(*) a form for registering a new OpenID with one's account, to be used 
    by an already-signed-in user, which goes through the authentication 
    to ensure that said ID actually belong to him/her. 

This is a slightly different take on OpenID in that it is NOT about
accepting arbitrary OpenID signins from random bozos, but rather about
giving an existing userbase the option of ditching their passwords
--- or being able to send out account-setup email to new people that 
just launches them into registering their gmail address or other OpenID 
so that they don't have to set a password at all in the first place
--- and thus be able to get out of the password business entirely.

It is mostly a front-end to Net::OpenID::Consumer, except it also 
allows for having fake back-ends for "providers" like Facebook or 
Microsoft that use their own protocol, so long as they somehow be 
shoehorned into into the general 
 discover -> check-immediate -> check-direct ->verify 
process that OpenID uses. 

I was originally waffling between 

   Net::OpenID::Dispatch 
   Net::OpenID::DWIM 

but even though it's OpenID-inspired and gets used with OpenID 
providers *most* of the time, I'm not entirely certain it belongs
in the Net::OpenID hierarchy (perhaps it does,... never mind that 
the modules page discourages this kind of use of the Net:: heirarchy 
at all,... then again Net::OpenID::Server/Consumer was allowed,
and I'm getting the impression The Rules are more flexible these 
days?)

And since the module is intended to be agnostic about CGI.pm 
vs. Apache2/mod_perl (and as per above, I think I'm just going
to Plack-ify it) --  it clearly doesn't belong under 
Apache[2]:: or CGI:: 

As for other hierarchies, my understanding is that 

WWW:: 
    is more for high-level applications, 

HTTP:: 
    is more for implementation of the HTTP protocol/extensions 

Auth*:: 
    would imply that this makes sense in a 
    non-browser/HTTP context, which it mostly doesn't 

So, ... thoughts? 
Is there something out there that already does this?


Reply all
Reply to author
Forward
0 new messages