OpenID via XMPP… via Mozilla


Gabriele periodically visits the continuum-B of the multiverse to chase obscure vernacular languages across the underground of Italian linguistics. (The time spent inside what I suppose is the continuum-A is devoted to chasing obscure programming languages across the underground of the Internet.)

I have the unfortunate tendency of listening, reluctantly but closely, to crazy people, so when he tells me “you should implement OpenID via XMPP in Firefox”, I reply “forget it, I don’t have the time”. A couple of evenings later, I’m trading two hours of sleep for a basic implementation. Oh well.

The package for Firefox and Flock is here (XPI install, 4KB) and the darcs repository is here. You’ll probably want to use this with SamePlace, but the only strict prerequisite is xmpp4moz. Update 2007-05-25: This is now available as a scriptlet! (What are scriptlets?)

I tested it with the page at xmpp.za.net. Load the page, enter your Jabber ID or GMail address (the latter apparently needs the full ID, e.g. joe@gmail.com/SamePlace), make up a transaction identifier (e.g. “riffraff”) and soon you should see a confirmation dialog pop up and ask for your authorization.

At this time, the whole source is just one page long, so if you’re thinking of hacking it, have no fear and go ahead.

Update: For those who can read Italian, Gabriele has written a nice article about this for the Italian OpenID blog. There I learned that using XMPP in this context gives a serious stab at the issues with phishing usually brought up about OpenID. Cool!

Share
  • Trackbacks are closed
  • Comments (6)
  1. wonderful! to close the loop and give users the ability to identify themself via xmpp4moz everywhere and openid is accepted we’ll need an openid request proxy…

  2. xmpp.za.net says this after login (slightly edited to keep things out of spambots’ jaws):

    Using Your Own OpenID URL

    Your OpenID is:

    http://openid.xmpp.za.net/bardATsameplaceDOTcc

    You can use your own URL as your OpenID. Just edit the
    <head> section of your URL’s web page and add this content:

    <link rel=”openid.server” href=”http://openid.xmpp.za.net/server”>

    <link rel=”openid.delegate” href=”http://openid.xmpp.za.net/bardATsameplaceDOTcc”>

    Then you can use your URL to authenticate to this server.

    Does that come close?

    • Florob
    • April 13th, 2007

    I have to admit you confused me a bit. Does this extension implement a full OpenID server or just XEP-70 which you can then use with a XEP-70 enabled OpenID server. I assume it’s the second, but in this case I can’t see why this would be OpenID specific. Can you enlighten me?

  3. You’re correct, it implements the second (sorry about not being clear enough about it) and it is not OpenID specific. The post focuses on OpenID so that hopefully Gabriele stops bugging me. :-)

  4. Unfortunately I can’t read Italian. Could you post a short summary of Gabriele’s article?

  5. Twipe,

    This lacks Gabriele’s wit but has more or less the same information: http://sameplace.cc/wiki/openid-integration

Comments are closed.