I'm trying to write the code to make the OpenID server automatically delegate to another OpenID configured by the user.
According to the spec at http://openid.net/specs/openid-authentication-1_1.html#delegating_authentication I need to know "openid.server" and "openid.delegate" - how do I get those 2 values from an OpenID? I could discover these values when the user enters their OpenID, and save them to the database. But what if the OpenID pointed to has a change? For example, what if the user enters an OpenID that delegates to somewhere else, and then the delegation configuration changes? (For example, the user enters "http://candrews.integralblue.com"; as their OpenID, which delegates to "http://candrews.myopenid.com"; then later, the user decides that "http://candrews.integralblue.com"; should delegate to "http://sf.net/candrews"; instead). So storing "openid.server" and "openid.delegate" to the database doesn't seem to work. We could discover these values when the page is rendered, but that means each hit to a profile page results in at least one HTTP request to the OpenID specified by the profile page's owner, and if that OpenID delegates to some place else, that's an additional HTTP request. This option seems too expensive. We could use memcache to mitigate the hits, but it still seems to be too much. So, in a nutshell, I don't know how to implement OpenID delegation. Help? Thanks, ~Craig _______________________________________________ StatusNet-dev mailing list StatusNet-dev@lists.status.net http://lists.status.net/mailman/listinfo/statusnet-dev
