Plugin: openid
Author: Joey
Included in ikiwiki: yes
Enabled by default: yes
Included in goodstuff: no
Currently enabled: yes
This plugin allows users to use their OpenID to log into the wiki.
The plugin needs the Net::OpenID::Consumer perl module. Version 1.x is needed in order for OpenID v2 to work.
The LWPx::ParanoidAgent Perl module is strongly recommended. The LWP module can also be used, but is susceptible to server-side request forgery.
The Crypt::SSLeay Perl module is needed to support users entering "https" OpenID urls.
This plugin is enabled by default, but can be turned off if you want to only use some other form of authentication, such as passwordauth.
options
These options do not normally need to be set, but can be useful in certain setups.
openid_realmcan be used to control the scope of the openid request. It defaults to thecgiurl(oropenid_cgiurlif set); only allowing ikiwiki's CGI to authenticate. If you have multiple ikiwiki instances, or other things using openid on the same site, you may choose to put them all in the same realm to improve the user's openid experience. It is an url pattern, so can be set to eg "http://*.example.com/"openid_cgiurlcan be used to cause a different than usualcgiurlto be used when doing openid authentication. Theopenid_cgiurlmust point to an ikiwiki CGI, and it will need to match theopenid_realmto work.
troubleshooting
See troubleshooting for a number of issues that may need to be addressed when setting up ikiwiki to accept OpenID logins reliably.
delegation
This plugin does not take care of doing the "server" part of the OpenID protocol, only the "client" part. In other words, it allows users to login to your site through OpenID, but is not in itself an OpenID provider.
It is possible, however, to use your Ikiwiki site as a delegation
point to another OpenID provider. For this, use the
meta directive with the openid parameter.