views:

291

answers:

1

Hello

I am looking into authenticating via google.

I dont understand how it works:http://code.google.com/apis/accounts/docs/OpenID.html#Samples If i do that 2nd request by entering the data as one url with params into browser i get back XML file. Should i not get back sample response nr3?

Can somebody explain this to me?

The problem is, that im trying to sort through some third party app that uses google openid authentication and its not recieving authenticated users e-mail back, like in sample response 3.

Alan

PS i have read through similar questions and their responses and gone through pages like: http://stackoverflow.com/questions/353880/how-does-openid-authentication-works http://www.windley.com/archives/2006/04/how_does_openid.shtml http://tinisles.blogspot.com/2008/02/how-does-openid-work.html http://openid.net/pres/protocolflow-1.1.png

etc..

A: 

What sort of XML file?

Remember that a checkid_setup request like that isn't something your application is meant to make with a direct connection, it's a request that's sent from the user's browser. So the response is going to be something for the browser to parse, prompt the user to log in if necessary, maybe ask the user for permission or which values it should send back, and only after all of that send back a redirect like in the sample response.

keturn
Well, go to http://code.google.com/apis/accounts/docs/OpenID.html#Samples and copy that 2nd request example to your browsers address bar, and see what kind of xml you get. Am i reading the api that wrong? I read from there that i do the request and get bunch of stuff in return...
Zayatzz
Oh, they've got the wrong URL in there. `/accounts/o8/id` is the OP Identifier URL, and you want to send the request to the server endpoint. Try the same query at https://www.google.com/accounts/o8/ud .
keturn
The url is correct i think - the same stackoverflow sends request to that url too.
Zayatzz
http://tinisles.blogspot.com/2008/02/how-does-openid-work.htmlStill had best description of how the open id authentication works.
Zayatzz
@Zayatzz - thanks for the blog link/feedback :)
russau