General plugins (Local): OpenID provider

Maintained by Picture of Hubert Chathi Hubert Chathi
Enables Moodle to act as an OpenID provider
42 sites
1 fans
Moodle 2.0, 2.1, 2.2, 2.3, 2.4

This plugin allows users to log into OpenID-enabled websites using their Moodle account.  It supports the Simple Registration (SReg) and Attribute Exchange (AX) OpenID extensions.


Picture of Hubert Chathi
Hubert Chathi (Lead maintainer)
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Anthony Borrow
    Sat, 24 Dec 2011, 5:14 AM
    Hubert - This plugin is actually a patch and I will want to review it more carefully as we are trying to discourage plugins which require patching core code. Thanks for your patience. Peace - Anthony
  • Anthony Borrow
    Sat, 24 Dec 2011, 5:35 AM
    p.s. I also think it would be helpful if the files had licensing information to make it explicit that the code is GPL.
  • MD shot of me from his iphone4
    Tue, 5 Feb 2013, 12:01 PM
    this entry is currently unapproved.
    Should we keep it here as currently being worked on, delete it or consider putting it into the "Others" category if it still doesn't conform to plugin standards?

    i think : "Others" category - but we do need the GPL information.
  • Picture of Hubert Chathi
    Tue, 5 Feb 2013, 11:13 PM
    Aparup, the current version of the plugin does have GPL information, so that should be fine.
    The plugin contains two patches that are optional and not required for the plugin to work. There is also an optional installation step of copying libraries into Moodle's PEAR directory. So basically, the things that are not normal plugin things are optional. IMHO, that shouldn't disqualify it as a local plugin, but if it does, then I'm fine with moving it to the "Others" category.
  • MD shot of me from his iphone4
    Thu, 7 Feb 2013, 10:03 AM
    Hi Hubert,
    I've had a look and i do see the GPL.

    Now that i've read it i tend to agree it its fine for the 'local' category as it won't compromise any automated installation processes. i do think that the readme should mention the plugin works fine without those steps (2 - thru 4).

    The other thing is that the 'readme' is easier to read when its readme.txt smile.

    In any case, publishing this now, its been too long.
  • MD shot of me from his iphone4
    Thu, 7 Feb 2013, 10:05 AM
    Please consider adding to the 'useful links' section (bug tracker, docs)
  • Picture of David Aylmer
    Tue, 20 Aug 2013, 9:20 PM
    Worthy of note: The function getBytes in local\openid_idp\openid-php\Auth\OpenID\CryptUtil.php (JanRain) attempts to read from '/dev/urandom' for maximum entropy when generating random strings.

    Obviously '/dev/urandom' is unix specific and doesn't function on windows.

    The workaround error message provided "Define Auth_OpenID_RAND_SOURCE as null to continue with an insecure random number generator." isn't satisfactory from a security standpoint.

    I've found two (secure) workarounds (for PHP > 5.3) when running on windows.

    Prior to the call to:
    $f = @fopen(MCRYPT_DEV_URANDOM, "r");

    1. return bin2hex(mcrypt_create_iv($num_bytes, MCRYPT_DEV_URANDOM));
    2. return openssl_random_pseudo_bytes($num_bytes);

    Hopefully this helps someone


  • Picture of Tim Silva
    Fri, 6 Nov 2015, 2:52 AM
    FYI: This plugin will not install on Moodle 3.0 due to missing $plugin->component in version.php
Please login to post comments