Whilst I have really enjoyed building this little website, and slowly beginning to write a little more, one thing that has troubled me the whole time is how to facilitate conversation on the topics I bring up in a way that I can believe that the person making a comment is actually who they say they are. Or, at least, they are the same person I interact with on other platforms as that identity.
"Oh that's easy!", I hear you say, "Just use a tool that allows someone to login using their identity elsewhere - lots of ways to do that, such as OpenID."
Well, you are right, and I have successfully implemented the OpenID Connect module and configured it to allow login from Google and GitHub accounts. This works just fine but I do think I'm missing the most important identity provider to me of all: Drupal.org
I suspect I'm not the only Drupal-focussed person who would benefit from being able to allow login to their website or service with a Drupal.org identity.
I watched a rather good video the other night, by TechAltar, that talked about the diversification of Mozilla's product catalog to reduce their dependence upon the Google payment to appear as search provider in Firefox.
The moment in this video that stuck out to me most was the concept of many "$5 products" – things Mozilla could sell, like their VPN service, for a fixed low price and not needing to be beholden to any other organisation, like Google. The principle benefit being that Mozilla could ensure that their values, like privacy, are built right into their products.
I think, maybe, we can do something similar with "Drupal identity". If the Drupal Association were to provide a Drupal identity service, that allowed websites etc related to the project to allow "login via Drupal", we could see a number of benefits:
- It would be far easier to believe that the person on your website claiming to be "webchick" is actually the same "webchick" that does a bit of Drupal now and again
- There are a whole bunch of community safety things we can work on into the future, too. For example, if Drupal Camps were logging people in via this, we could ensure that any people who the Community Working Group have said should not be attending in-person events can't even buy a ticket
- We could charge the website owner a fee to add the service to their website. This reduces the Drupal Association (and, therefore, the project as a whole's) reliance on a single income stream, DrupalCon. Even if that fee was really quite low - even as low as $5 a month - it keeps adding up in the same way as the Drupal Swag Shop does
Am I onto something here? Is this a service that would improve our community whilst also ensuring its financial sustainability? Is it a service that a website owner would pay $5 a month for?
Let me know! Of course, at the moment, you'll only be able to login via GitHub or Google - the Drupal identity service doesn't exist yet!
Maybe it would be better to…
Maybe it would be better to provide this feature as a benefit for Drupal Association members. Right now there is no added value for me as a DA member compared to non-members - all of us are able to use drupal.org, create projects, publish code and run tests on the DA-paid test runners. Of course I don't count good feeling as a benefit :) Besides, I think that this feature would be the most useful for community pages and drupalcamps and these pages can give the DA valuable information - how many camps does user visit, etc. - as counter value.
Just a brief comment about…
Just a brief comment about your GitHub integration - it creates images without extension, so it behaves as invalid image. I had to re-upload mine. Are you using social auth suite? It was working quite well as far as I remember.
Yes, I had noticed that! I'm…
Yes, I had noticed that! I'm using openid_connect at the moment - mainly as it means I can add any arbitrary compatible service, rather than specific ones.
I'll look into the issue, though
OpenID Connect needs patches and RTBCs :)
Co-maintainer of the openid_connect module here.. Rachel here just basically RTBCd the LinkedIn client with this site here. But of course there are a few bugs.. Not sure how she configured the picture mappings, but it seems that might need some other eyeballs. Please contribute: https://www.drupal.org/project/issues/openid_connect
As it happens, I was…
As it happens, I was thinking along the same lines - having a paid service but making one of the ways of paying to be a member. I think both are needed.
I was about to agree with miromichalicka with this being a DA benefit. But I think I have to more agree with this take on it. Both are needed. I would love to have this available as well.
Log in with Drupal is a…
Log in with Drupal is a great idea. Good for Drupal users and potentially good promotion of Drupal itself. I wouldn't want to pay for it though. Alternate revenue streams is important, but this doesn't strike me as a good solution for that. I'd love to see "Log in with Drupal" implemented!
I have wanted this for…
I have wanted this for ContribKanban (https://contribkanban.com/) for a loooong time. Logging in with GitHub doesn't make sense. But logging in via Drupal and getting account meta is perfect.
Yeah. Clearly, we agree!
Yeah. Clearly, we agree!
Great idea, Rachel. I'd…
Great idea, Rachel. I'd subscribe for the added benefit of Drupal.org's anti-spam account measures working to my benefit. Contrary to previous commenters, though, I don't think making this free for D.A. members is a great idea... if we race to give everything away for free, we leave the feature underfunded and never manage to diversify the D.A.'s revenue. However, perhaps a bulk discount or some other visibility benefit on top of the base service would be in order.
mystery repeats :)
A very good point! In fact, we used to have this (grandpa speaking) as one can still see by looking at https://www.google.com/search?rlz=1C5CHFA_enNL920NL922&sxsrf=ALeKk03pq7… for example. back in the days, drop.org (the precursor of drupal.org) was the identity provider of Drupal.org and other sides. This was before the concept of OpenID as a federated identity provider was standardised and the implementation was kind of not that secure (all sites where one logged in, had your password).
It has been discussed later to do right at https://www.drupal.org/project/infrastructure/issues/353425 as well.
I do think that 5 euros a month will not be enough to do the accounting, billing, reporting and deliver the service with a SLA however.