I'm implementing OpenID support for a public website. Yahoo and Verisign openid authentication currently works fine. However, I cannot seem to connect to Google's endpoint. Below is the code: Usual initialization and stuff... my $csr = Net::OpenID::Consumer->new( ua => LWP::UserAgent->new(), consumer_sec...
I was under the impression that the open id for a user remains constant. I am allowing users to setup open id with my site with 2 different screens in my app... I was under the impression that the open id for a user is constant and will not change and I was planning to save it to my database for a given user, However, to my suprise, I...
I'm trying to implement OpenId login for a web application. Whenever new user who logs in via OpenId I create a new user on the sustem, and among the data I store their openid URL, so that next time they login with that user. I'm testing this with my Gmail OpenID, and the problem is that everytime I do this, Google sends a different ope...
I'm trying to add authorization throw google openid to my users. I'm receiving id (https://www.google.com/accounts/o8/id?id=AIt...Ew-Bo) but how can i check that it's legit. I mean user can create malicious request with email of another user, how can i check that returning email and claimed id is legit? ...
Hi, I am new to OpenID, and want to implement Google OpenID authentication on my website. I could not found any example. Can anyone suggest me some good tutorials (step by step) or any working example with code to implement Googl OpenID authentication using PHP. All helps are appreciated. Thanks, Navin ...
I am using JanRain OpenID Library PHP. I am trying out the consumer example in /example/consumer. Services like Google (or Yahoo) are not working, while other's like myopenid.com, blogger are working. My PHPinfo says that cURL and OpenSSL is enabled. Note that I also tried using LightOpenID Library (gitorious.org/lightopenid) which work...
I have implemented Google openid authentication for my web application (ruby on rails) , now once authenticated how am i suppose to get the status of that particular user ? like if the user which has been authenticated is a domain admin or not ? i have googled it a bit and came up with Google provisioning ApI and ClientLogin authenticati...
hi I'm use"PHP OpenID" for login with Google accounts into my site(forum and wiki) but when i send my profile address and i signed in bellow error are shown: OpenID authentication failed: Nonce already used or out of range 1.where is the problem and how can i fix it? 2.how can get picture and another information's from a Google profi...
In the OpenID specs, it says: Identifier: An Identifier is just a URL. The whole flow of the OpenID Authentication protocol is about proving that an End User is, owns, a URL. Claimed Identifier: An Identifier that the End User says they own, though that has not yet been verified by the Consumer. Ver...
Hi folks, I'm just wondering if all I need is the identity url in order to to theoretically attach an OpenID account to a user's account. I have identity urls that look like the following: https://www.google.com/accounts/o8/id?id=YGnyuGHMUmhUI98nuhUMhu98nuN. Is this different between OpenID 1.0 and 2.0? Just in case someone asks: I'm...
I'm moving an app to use only Google Federated Login (OpenID) for an application (we use google apps for everything and feel it would be easier to combine user management there). While I can successfully login and create users, my thoughts are now on security... When a user logs in I only have a "Log In" button - nothing else. The sit...
Anyone has a list of Direct OpenID Providers that utilize unbound discoverable URLs? So far, I have only found these: myopenid, yahoo, Hyves, myspace, myid.net, google, yahoo japan, AOL, Verisign. ...
I am just playing around with the OpenID protocol. I am trying to send Discovery request and retrieve the XRDS document from google . When I try to do it from the terminal using the curl, I am getting the following output curl --url "https://www.google.com/accounts/o8/id" <?xml version="1.0" encoding="UTF-8"?> <xrds:XRDS xmlns:x...
In the association stage of the OpenID process, Diffie-Hellman is used to encrypt the OpenID.session_type value. For using diffie-hellman, we have to generate the value of dh_modulus(p) and dh_gen(g) values. My question is, do I have to generate p and g values each time I send a OpenID request to an OpenID Provider or only during those t...
Are https://www.google.com/accounts/o8/id and https://me.yahoo.com are Google's and Yahoo's OpenID Endpoint or the URL's to which I must send the discovery request, which in response will have the OpenID Endpoints? ...
My dears friend i´m try to get the email from google user that sign in with the OpenId but i can´t. I Have that code public ActionResult Google(FormCollection fc) { var openid = new OpenIdRelyingParty(); IAuthenticationResponse response = openid.GetResponse(); switch (response.Status) { ...
Hey there :) I've implemented OpenID-Login with Google. I can access the following attribute types 'contact/email', 'namePerson/first', 'namePerson/last' and 'pref/lang'. But I also wanna have the Google Account image/avatar. Concerning to the specs from http://www.axschema.org/types it should be 'media/image/default' or 'media/image/as...
I want my website to automatically detect if a user is logged into google. If they are, it checks the database to see if they are already registered. If they are registered, it logs them in to my site. Otherwise, it redirects them to the login page. I think it might be the experimental x-has-session but I've no idea how to implement it....
It's a relatively well-known fact that Googles' OpenID Provider does not provide (no pun) username and various other properties, as well as that it generates really ugly claimed identifiers. However, in a recent Hanselminutes episode (at arount 21 minutes into the show) Andrew Arnott says that "Google has special requirements before th...
The federated login works, now how do I enable OpenID logins like .blogspot.com? I've misunderstood how to enable federated logins and OpenID same time. Are these 2 different cases and can get combined? I can enable federated login with very little code. Then my openid I must've misunderstood since it links to google. Here's how I tried ...