Brion Vibber authored
OpenID access control options: trusted provider URL, Launchpad team restrictions. Added an admin panel for setting these and OpenID-only mode, off by default. To enable the admin panel: $config['admin']['panels'] = 'openid'; Or to set them manually: $config['openid']['trusted_provider'] = 'https://login.ubuntu.net/'; $config['openid']['required_team'] = 'my-project-cabal'; $config['site']['openidonly'] = true; OpenID-only mode can still be set from addPlugin() parameters as well for backwards compatibility. Note: if it's set there, that value will override the setting from the database or config.php. Note that team restrictions are only really meaningful if a trusted provider is set; otherwise, any OpenID server could report back that users are members of the given team. Restrictions are checked only at OpenID authentication time and will not kick off people currently with a session open; existing remembered logins may also survive these changes. Using code for Launchpad team support provided by Canonical under AGPLv3, pulled from r27 of WordPress teams integration plugin: https://code.edge.launchpad.net/~canonical-isd-hackers/wordpress-teams-integration/trunk7c828ae5
To learn more about this project, read the wiki.