google-openid

Okay, so using passport.js works, and works well, from what I've seen. However, I'm not sure how to properly exclude certain users. If the application is intended to have restricted access, rather than just providing the user a method for logging in, how can I restrict the login through passport.js? As it stands, users can just visit /login and log in with their Google account, thereby getting access to the internals. Here is one way to do this, with comments throughout. The main thing is understanding this page from the author: http://passportjs.org/guide/authenticate/ , which I explain a

In the OpenID specs , it says: Identifier: An Identifier is just a URL. The whole flow of the OpenID Authentication protocol is about proving that an End User is, owns, a URL. Claimed Identifier: An Identifier that the End User says they own, though that has not yet been verified by the Consumer. Verified Identifier: An Identifier that the End User has proven to a Consumer that they own. Identity Provider: Also called "IdP" or "Server". This is the OpenID Authentication server that a Consumer contacts for cryptographic proof that the End User owns the Claimed Identifier. How the End User

I'm trying to implement OpenId login for a web application. Whenever new user who logs in via OpenId I create a new user on the sustem, and among the data I store their openid URL, so that next time they login with that user. I'm testing this with my Gmail OpenID, and the problem is that everytime I do this, Google sends a different openid URL, that is, https://www.google.com/accounts/o8/id?id=SomethingThatChangesFromTimeToTime Of course I'm then not able to tell wheter this is or not a new user. I'm a bit puzzled: shouldn't the openid identifier always remain the same? SztupY Google's OpenID

I'm having a heck of a time here trying to use google OAuth to authenticate users in my node express app. I can successfully do the OAuth, which returns a response like so: { access_token: 'token string', id_token: 'id.string', expires_in: 3599, token_type: "Bearer" } This all makes sense, but I can't for the life of me figure out how to decode the JWT. I am a bit inexperienced in all this, so this is all a bit foreign to me. Following the instructions listed here: https://developers.google.com/accounts/docs/OAuth2Login#validatinganidtoken I am attempting to decode the JWT locally in my node

I have searched high, low, far and wide but can not find anything on the Internet that lists the available attributes for these schemas. Does anyone know where the documentation is for these? so far I know of: http://axschema.org/namePerson/first http://axschema.org/namePerson/last http://axschema.org/contact/email http://schemas.openid.net/ax/api/user_id Well I cannot see axschema.org online anymore. But based on http://groups.google.com/group/axschema/browse_thread/thread/49312a23a7d5ecce# I think [ http://openid.net/schema] superseeds [ http://axschema.org] . Here is the list, also on http: