How to automate OpenID login with a google apps domain using DotNetOpenAuth

Question

I am trying to implement OpenId for an internal web app. Our college is on Google Apps for Edu, so we have the suite of Google OpenID and OAuth exposed to us.

I would like my login page to have the standard username and password, and additionally a button on the side that will authenticate internal users to our app domain.

I have followed the example here http://www.dotnetopenauth.net/developers/code-snippets/programmatic-openid-relying-party/ but it seems that the rules are different for the google apps id than a general google id.

Any help or further documentation would be helpful.

Answer 1

I have the same problem as you.

For your Google Apps login, your relying party URL is https://www.google.com/accounts/o8/site-xrds?hd=example.comsite-xrds?hd=example.com

Where you replace example.com with your URL.

However, As far as I can tell, dotnetopenauth does not handle the protocol extensions google uses when it returns.

However, using https://www.google.com/accounts/o8/id works perfectly fine.

Using this url, you pass off users to Google to login. Google will check for cookies and prompt for a login if required. if not it'll just confirm with the user that they want to associate their authentication with this site and pass you back.

Still trying to get dotnetopenauth to accept the new url(https://www.google.com/accounts/o8/site-xrds?hd=example.com)