changeset 4890:55dc44a8e9ee

Added config snippets and CHANGES documentation specific to OpenID updates with SREG and Teams extensions.
author Rowan Kerr <rowan@stasis.org>
date Wed, 22 Jul 2009 01:43:59 -0400
parents 6279b8badd5f
children 42b73b7ae79a
files docs/CHANGES.openid wiki/config/more_samples/openid_sreg_wikiconfig_snippet wiki/config/more_samples/openid_teams_wikiconfig_snippet
diffstat 3 files changed, 91 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/CHANGES.openid	Wed Jul 22 01:43:59 2009 -0400
@@ -0,0 +1,25 @@
+Version 1.9.?
+
+  New features:
+  * OpenID: Support for Simple Registration (SREG) extension.
+    Basic profile fields can be copied from OpenID provider when logging in.
+  * OpenID: Support for Teams extension.
+    If your OpenID provider supports the Teams extension (i.e. Launchpad),
+    MoinMoin can be configured to generate 
+  * OpenID: Ability to accept logins from specific OpenID providers.
+    Login form changes based on configuration for better usability:
+    * 0 providers: normal text input box for OpenID URL
+    * 1 provider: hidden field, automatic form submission with JavaScript
+    * 2+ providers: select field, uses directed identity
+
+  Fixes:
+  * OpenID request processing now works with new WSGI refactoring.
+  * Always return error messages with CancelLogin if OpenID process fails.
+
+  Other changes:
+  * Added disabled state for HTML select fields.
+  * Allowed disabling of timezone and language user prefs if they are
+    part of the user's login fields (i.e. OpenID SREG).
+  * Added option to disable local registration links and direct user
+    to registration page at an OpenID provider instead.
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/wiki/config/more_samples/openid_sreg_wikiconfig_snippet	Wed Jul 22 01:43:59 2009 -0400
@@ -0,0 +1,37 @@
+    # This is a sample configuration snippet that shows moin's openid sreg configuration
+    # See HelpOnOpenID, HelpOnAuthentication and HelpOnConfiguration for more info.
+
+    from MoinMoin.auth.openidrp import OpenIDAuth
+    from MoinMoin.auth.openidrp_ext.openidrp_sreg import *
+
+    auth = [
+        OpenIDAuth(modify_request=openidrp_sreg_modify_request,
+                   update_user=openidrp_sreg_update_user,
+                   create_user=openidrp_sreg_create_user),
+        # other auth methods can go here
+        #MoinAuth()
+    ]
+
+    cookie_lifetime = (1, 12)
+
+    # allow only certain OP's .. with directed identities
+    openidrp_allowed_op = []
+
+    openidrp_allow_registration = True
+    openidrp_registration_url = '' # url to your provider's registration page
+
+    # configurable SREG request values
+    # possible values:
+    #     nickname, email, fullname, dob, gender, country, language, timezone
+    # match these up with OpenIDRP.auth_attribs
+    #     ['name', 'email', 'aliasname', 'language', 'tz_offset']
+    openidrp_sreg_required = ['nickname', 'email', 'timezone']
+    openidrp_sreg_optional = ['fullname', 'language']
+    openidrp_sreg_username_field = 'nickname' #'fullname'
+
+    # don't let users change password or have multiple openid's
+    user_form_disable = ['changepass', 'oid']
+
+    # remove some options from the large user preferences form
+    user_form_remove = ['css_url', 'quicklinks'] #'password', 'password1', 'password2']
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/wiki/config/more_samples/openid_teams_wikiconfig_snippet	Wed Jul 22 01:43:59 2009 -0400
@@ -0,0 +1,29 @@
+    # This is a sample configuration snippet that shows moin's openid teams configuration
+    # See HelpOnOpenID, HelpOnAuthentication and HelpOnConfiguration for more info.
+
+    from MoinMoin.auth.openidrp import OpenIDAuth
+    from MoinMoin.auth.openidrp_ext.openidrp_teams import *
+
+    auth = [
+        OpenIDAuth(modify_request=openidrp_teams_modify_request,
+                   update_user=openidrp_teams_update_user,
+                   create_user=openidrp_teams_create_user),
+        # other auth methods can go here
+        #MoinAuth()
+    ]
+
+    cookie_lifetime = (1, 12)
+
+    # Launchpad Teams configuration
+    # list all teams you want to grant access to the wiki
+    openidrp_authorized_teams = ['team1', 'team2']
+
+    # ACL configuration, based on Teams
+    DesktopEdition = False
+    openidrp_acl_admin = 'AclAdmin'
+    openidrp_acl_page_postfix = 'Team'
+    acl_rights_default = u'Known:read,write All:read' #,write,delete,revert,admin"
+    acl_rights_before = u'%s:read,write,delete,revert,admin' % openidrp_acl_admin
+    acl_hierarchic = True
+    page_group_regex = ur'(?P<all>(?P<key>\S+)%s)' % openidrp_acl_page_postfix
+