google-openid

I'm working on an intranet django project (not using GAE) for a company that uses Google Apps for login. So I'd like my users to be able to log in to my django project using their google accounts login. OpenID seems appropriate, although maybe Oauth might work too? I see a lot of similarly named libraries out there to connect django's auth system to external login systems: django-authopenid - http://bitbucket.org/benoitc/django-authopenid django-openid - http://github.com/simonw/django-openid django-openidauth - http://code.google.com/p/django-openid-auth/ django-oauth - http://bitbucket.org

I got a little problem with the OAuth for Google, I use the Jim Saunder Libraire for CodeIgniter (http://codeigniter.com/wiki/OAuth_for_Google) but when I came to my access_youtube function, which look like that : public function access_youtube() { //STEP 2 // Here is the first call to load the library $params['key'] = 's390075769.onlinehome.fr'; $params['secret'] = 'iHD72YKzWmbm8VTwncht_E-d'; // We can change the signing algorithm and http method by setting the following in your params array. $params['algorithm'] = 'HMAC-SHA1'; // $params['method'] = "GET"; // We need to reload the library

I'm trying to use lightOpenID, which should be simple and a case of uploading the files then testing it works. When I use the example-google.php I get click the login button, the first time it asked me to login to Google and allow/remember the site I'm building. Then it redirects back to example-google.php?login and a load of attributes. But that page says "Forbidden. You don't have permission to access path/to/folder/example-google.php on this server." if I delete the attributes including ?login in the url, then I get the "Login with Google button" so clearly I do have file permissions

What is the correct oauth2 flow for a desktop application? Besides a desktop application I have a SPA Web GUI which does use the Implicit flow. There it does not matters if the client Redirects after 3600s to the IdP to issue a new Access token. But the desktop application needs to be running 24/7 or could be running 24/7. So it needs to automatically refresh the access token via a refresh_token. But since the implicit flow does not provide refresh tokens it is probably the wrong flow for a desktop app, isn't it? I guess I need the auth code flow, which does provide a refresh_token. But

The OpenID plugin for WordPress doesn't seem to accept either of the Google OpenID provider links: http://google.com/profiles/username or https://google.com/accounts/o8/id It returns the error (for both): Could not discover an OpenID identity server endpoint at the url: http://google.com/profiles/username Any idea why? The janrain engage plugin works, but I can't use that because of other issues with that. The problem is solved. Since Google, Yahoo and some other OpenID providers provide https endpoints, curl tries to verify the other end when making a POST request to it -- since curl does not

I'm confused about facebook and whether or not facebook is an openid provider like google. According to this link: http://developers.facebook.com/blog/post/246/ , facebook is an openid relying party. What does that mean, and is that different from an openid provider like google. Basically, I am currently using lightopenid to allow users to use their openid's to log into my site, but can't seem to find a url for facebook's openid authentication to do this. I have seen a question similar to this which confuses me because in that question, the questioner was told that facebook is not an openid