Greetings!

I am having some trouble enabling OAuth authentication for my web application running on Ruby on Rails. I am using authlogic and authlogic_oauth, which in the end uses the OAuth gem, and therefore I decided to ask here. So, in short:

I successfully "register" (i.e. obtain the first Access Token for the user) but then, whenever I try to "login", I receive a different access token for the same Google Account, the Authlogic-oauth plugin fails to find the user and the login crashes. Maybe I don't understand it right, but isn't the AT supposed to be the same every time? And can it be a problem that I am accessing Google from http://localhost even though the Customer keys are for a different domain?

Anyway, thanks for any reply ... I have already spent 2 days on that issue and debugging doesn't seem to lead me anywhere.

Jakub

PS: I sent that question on Google Group oauth-ruby - sorry to anyone reading both channels

+1  A: 

The AT is supposed to be different every time. OAuth is not an authentication protocol, it is an authorization delegation protocol. Try using OpenID instead: http://code.google.com/apis/accounts/docs/OpenID.html

Jonathan
Thanks for the answer! Guess I can take your word for it since I am quite a new fish in this pool. But how is it that there are apps using it like authentication? For example http://github.com/jrallison/authlogic_oauth is meant exactly like that. See live example at http://authlogic-oauth.heroku.com . I don't really get it.
Jakub
That app seems to be using Twitter's OAuth provider, which presumably doesn't have the property of giving out different auth tokens each time.
Jonathan
+1  A: 

Twitter does not give out different tokens, which allows OAuth to be used as an authentication mechanism. LinkedIn doesn't do that, meaning you may only use OAuth as an authorization protocol (which is what it was intended to do).

However, there is a useful API for pulling in data from LinkedIn. Of particular interest could be the Profile API.

yonkeltron
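
The behaviour discussed in this thread, as an added example that is not part of the original posts and is not authlogic_oauth's code: a user lookup keyed on the access token only works while the provider returns the same token on every authorization. `FakeProvider`, `UserStore`, `login_succeeds?` and the account id `acct-1` are constructed for illustration; the account id stands for an identifier the application would read from a provider's profile API, which is an assumption.

```ruby
require "securerandom"

# Constructed stand-in for an OAuth provider (hypothetical, not a real client).
class FakeProvider
  def initialize(stable_tokens:)
    @stable_tokens = stable_tokens
    @issued = {}
  end

  # One completed authorization: returns [access_token, account_id].
  # account_id stands for an identifier read from the provider's profile API.
  def authorize(account_id)
    fresh = SecureRandom.hex(16)
    token = @stable_tokens ? (@issued[account_id] ||= fresh) : fresh
    [token, account_id]
  end
end

# Hypothetical user store keyed by :token or by :account_id.
class UserStore
  def initialize(key)
    @key = key
    @users = {}
  end

  def register(token, account_id)
    @users[index(token, account_id)] = { account_id: account_id, token: token }
  end

  def login(token, account_id)
    user = @users[index(token, account_id)]
    user[:token] = token if user # keep the newest token for later API calls
    user
  end

  private

  def index(token, account_id)
    @key == :token ? token : account_id
  end
end

# Register once, then log in again after a second authorization.
def login_succeeds?(stable_tokens:, key:)
  provider = FakeProvider.new(stable_tokens: stable_tokens)
  store = UserStore.new(key)
  store.register(*provider.authorize("acct-1"))
  !store.login(*provider.authorize("acct-1")).nil?
end
```
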