google-openid

问题 It's a relatively well-known fact that Googles' OpenID Provider does not provide (no pun) username and various other properties, as well as that it generates really ugly claimed identifiers. However, in a recent Hanselminutes episode (at arount 21 minutes into the show) Andrew Arnott says that "Google has special requirements before they'll actually give a name and an email address". What are these requirements and how can one satisfy Google enough to make it actually return username and

问题 Before I dig into the details of implementing this particular design, I wanted some advice/validation on whether I was approaching it correctly. I have a beginners knowledge of Android, advanced beginner in Python, GAE, and OpenId. Environment Android application Web Services built in Python on Google App Engine User(s) with Google Account Scenario I want to enable sign-in capabilities in my Android application without writing my own authentication system in GAE. Within the app, the user

问题 I'm trying to implement OpenId login for a web application. Whenever new user who logs in via OpenId I create a new user on the sustem, and among the data I store their openid URL, so that next time they login with that user. I'm testing this with my Gmail OpenID, and the problem is that everytime I do this, Google sends a different openid URL, that is, https://www.google.com/accounts/o8/id?id=SomethingThatChangesFromTimeToTime Of course I'm then not able to tell wheter this is or not a new

问题 I am trying to implement OpenID as one preferred option to my next web app here The code is taken from this tutorial and works if I use my openID from myopenid.com However, I believe most people would just love to use their everyday email address as their openID, as far as I know, Google, Yahoo, and some other big players have already done this in their systems. My question is: how could I find the correct "url" to enter in the form to login? I used my Google OpenID account for StackOverflow

问题 I am new to OpenID, and want to implement Google OpenID authentication on my website. I could not found any examples. Can anyone suggest me some good tutorials (step by step) or any working example with code to implement Google OpenID authentication using PHP. 回答1: I'd suggest using LightOpenID. It's small, easy to use, and has working examples. You probably won't need a tutorial to use it. Another answer suggests using php-openid, but in my opinion, it's too complicated and has too many

问题 I'm trying to add authorization throw google openid to my users. I'm receiving id (https://www.google.com/accounts/o8/id?id=AIt...Ew-Bo) but how can i check that it's legit. I mean user can create malicious request with email of another user, how can i check that returning email and claimed id is legit? 回答1: Rather than trying to implement discovery and signature verification by yourself, you really ought to use one of the many libraries that have already been created for this purpose. Here

问题 I can't get a user's id_token (https://developers.google.com/accounts/docs/CrossClientAuth) from the Chrome identity api (https://developer.chrome.com/apps/identity). I can get an access_token using the chrome identity sample when the oauth section in the manifest is: "oauth2": { "client_id": "<chrome-app-client-id>.apps.googleusercontent.com", "scopes": ["https://www.googleapis.com/auth/plus.login"] } But when I try to get the id_token the same way I get it on my android client a get the

问题 I want to restrict login to a python application running on Google App Engine to members of a particular Google Apps Domain using OpenID. According to the thread How limit Google Federated Login to specific Apps domain? this could be accomplished by simply substitution the ordinary google openid autentication url https://www.google.com/accounts/o8/id with https://google.com/accounts/o8/site-xrds?hd=example.com This does however not seem to work using users.create_login_url() in GAE for Python

问题 I am using Openid4Java to implement Openid for my app on GAE. I am also using Shiro for security. The day before i had reached a stage where things were failing for credentials matching, i.e discovery, making auth request, getting claimed_id were all working. Yesterday all hell broke lose and since then discovery on Google is failing. things that i have verified: Yahoo is working fine (end to end)and Discovery for google is working fine on my local dev box(it ofcourse fails while returning to

问题 First of all, thanks you for your time and help. I have an app engine application that use federated login. However it is giving me 500 Server Error for the past 2 hours. Is it a known issue with this service at this momement? Thanks again. Bill 回答1: As per AppEngine's authentication documentation: ( Experimental ) Open to all users with an OpenID Provider: If your application uses authentication, anyone who has an account with an OpenID Provider may sign in. Google has announced deprecation