Friday, September 25, 2009

Optimal OpenID UX finally underway

I’m finally making progress on building a set of HTML and javascript files that can be used on any OpenID relying party web site to allow visitors to easily log in with OpenID, without even knowing what OpenID is.  I mentioned my goal to do this some time ago, and now I have a small partially functional prototype.  Please try it out, and keep coming back and letting me know what you think of it and where you’d like to see it go.

Try out the OpenID login experience.  Remember to comment on what you like and dislike, and what aspects you’d like to see added or changed.

At the moment, I’m struggling to decide whether to go with a fully bona fide popup window or a Javascript in page dialog.  So I provide two links at the top of the page so you can try out each one.  If we don’t go with the full popup window, we’ll have to either redirect the whole page to the Provider, which is sub-optimal for the user and for the RP, or we can use a popup window once the user has selected their OP.

Monday, September 07, 2009

How to easily fetch OpenID attributes, regardless of the Provider

In a previous article, I bemoan the pain of writing an OpenID Relying Party that wants to fetch user attributes from their OpenID Provider, because of the at least 4 ways in which those attributes must be requested.  And then later I promised that DotNetOpenAuth would offer help to alleviate that pain.  That help has come.  It actually came way back on June 26, 2009.  But only now did I officially document that help.

Introducing the AXFetchAsSregTransform “behavior”, which is now fully documented on the project wiki site.  I’ve spent some time recently (and will spend more in the near future) documenting the common scenarios that people have questions about, and since it is on the wiki instead of only on this blog, it will be more likely to be updated as new versions of the library come out.

The AXFetchAsSregTransform behavior makes it so that all you have to do is work with ClaimsRequest and ClaimsResponse – no matter what Provider you’re talking to.  If the Provider only supports AX, it Just Works because the special behavior will automatically translate your sreg request into an AX request, and then translate the response back from AX to sreg.  Woot.