OpenID Integration

This wiki page contains informations and discussions in some way related to OpenID integration into merbful_auth. OpenID is supposed to be a first class citizen in merbful_auth, along with the local login.

- Unique Nickname. This will be aliased to login. When signing up, if the nickname is not provided

• Using OpenID, try the nick from openid. If it is unique, use it. If not, add some numbers on the end until it is. If none is provided use the identity_url

• Using normal signup, grab the name from the email address and use it if unique, or append some numbers on the end until it is.

- Drop the login field for logging into the account. Use only the email field for normal, or API style logins.

Map local accounts to OpenID accounts – scenarios:

1) You login for the first time with OpenID - local account gets created without password. 
   One can add the password for local account later on.

2) You have a regular account, and assign a openid account to it later on. One can login with either
   regular or OpenID account.

- require email confirmation for OpenID accounts if OpenID provider is not on the whitelist

- ACTION: User logins with OpenID account for the first time

- CHECK: Fetch Display name from OpenID provider, and test uniqueness

- RESPONSE: If not unique, ask the user to choose local unique Display name
- ALTERNATE RESPONSE: stick the identity url in the display name and let the user change it later.

OpenID providers whitelist

This list is consisted of OpenID providers that are believed by merbful_auth developers to provide meaningful identity checks.