OpenID

Using

In StatusNet 0.9.x, OpenID support has been moved into a plugin. Add to your config.php:

addPlugin('OpenID');

OpenID-only mode

Can force all logins to require OpenID, so bare local account registration is not allowed:

$config['site']['openidonly'] = true;

Restricting Providers

You can use a combination blacklist and whitelist to restrict OpenID to specific providers:

This blacklists ALL OpenIDs

$config['openid']['blacklist'] = array('.*');

This whitelists OpenIDs from your domain. You can have multiple domains by adding more elements to the list.

$config['openid']['whitelist'] = array('^https?://example.com/');

Tech details

• Currently pulls some user info via sreg attributes -- full attribute chart OpenID/attributes
  • nickname
  • fullname
  • country + postcode -> location
  • email

Future

• Support for fetching additional user info via ax attributes?
• Tighter integration with immediate-mode session checks?

Troubleshooting

• The upstream php-openid library currently fails on PHP 5.3