Hey Manuel, You should keep working on what you started. While I hope to move quickly over the next few weeks and months on OpenID Connect, if you found something that will solve your problem today then you shouldn't wait.
--David On Sun, May 16, 2010 at 9:03 PM, Manuel Lemos <[email protected]> wrote: > Hello, > > With this thread of using oAuth 2 for identity I am confused to which > protocol should I use for a single sign-on solution that I need to > implement. > > Let me explain my case and see if anybody can clarify what is the best > solution for me. > > I have one site, lets call it site A, that has many user accounts. I > want to build another site, lets call it site B, but I do not want users > with accounts in site A to create new accounts to access site B. They > could just use the same account data from site A and use it in site B. > In the future I may have sites C, D, etc.. > > I thought of creating an OpenID authentication server, lets call it OP, > and migrate user account from site A to OP. When users go to site A or B > and need to login, they are redirected via OpenID to OP for authentication. > > If successful, OP passes site A or B the account, personal name, nick > name and e-mail when redirecting back to sites A or B, so those sites > always have copies of that account information for imediate use. > > If the user updates one of those details in site A or B, they push the > changes to OP and OP propagates the changes to the other site A or B > that also has the same user account. > > >From the specifications that I read, OpenID and its extensions can be > used the way I need. > > This will all be used only within my network sites. I do not intend to > allow users to autheticate with external OpenID providers, nor I want > other sites to use my OpenID provider to authenticate in other sites. > > Since this is meant for use restricted to my sites, I could invent a > proprietary protocol, but I thought it was better to not reinvent the > wheel. > > I will develop all the necessary components to implement the OpenID > provider and consumers with the needed extensions. Actually the consumer > component is mostly done. > > I was moving to the OpenID provider component when I noticed this thread > of using oAuth 2 for identity. So now I wonder if I am in the right > path? Shall I keep doing it with OpenID or shall I do it with oAuth 2? > Can anybody please shed some light so I can make the best decision? > > -- > > Regards, > Manuel Lemos > > Find and post PHP jobs > http://www.phpclasses.org/jobs/ > > PHP Classes - Free ready to use OOP components written in PHP > http://www.phpclasses.org/ > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
