[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3

[Oliver Hader]

Hi Xavier,

Xavier Perseguers schrieb:
> It seems that this great patch will vanish in the air, what a pity!
> 
> At last, I would find great if the "openid" extension key could be
> released. I think that I will eventually have another look at the code
> to see why it needs to be a sysext. And if nothing comes up, I'll take
> this code and put in under whatever "openid" extension key I find in
> order to let people benefit of this great work.
> 
> I feel a bit unhappy to see that even good contributions are lost.

No need to do this, since I'd like to see OpenID as part of TYPO3 4.3
and it's also on the list of features for the next version.

However, there are some unfinished things (after most of the issues Ingo
pointed out have been changed in my patch from 2008-10-22):
* random number generator defined to Auth_OpenID_RAND_SOURCE - this
should be checked by the security team again for possible issues
* naming issue $authentificationInformation vs. $authenticationInformation
* store OpenId information in database instead of using the filesystem
* naming issue of $available in tx_openid_sv1::init() (e.g.
$serviceAvailable)
* Why is the final FE user authentication implemented to use AJAX and is
there a complement in the back-end?

Thus, the main work to be done is the database storage thingy and the
random number generator. All other things are easy or have to be clearified.

The current votes are:
2 x public +1 on testing
1 x public +1 on reading
2 x core-dev +1 on testing
2 x core-dev +1 on reading - only if the mentioned things are changed

As you can see, the patch is almost ready to be committed...

olly
-- 
Oliver Hader
TYPO3 4.3 Release Manager