I'm getting confused.
I was able to make openid login kinda work using LightOpenID.
All I get doing that is just an openid_identity
such as "https://www.google.com/accounts/o8/id?id=xxx
". Pretty disappointing: I was expecting to get the email address too.
i.e. I need to login (that's what openid does) and to know the email address of the google account the user used to login.
There is the function $openid->getAttributes()
but all I get from that is just an empty array: I guess google isn't going to give me anything else than that openid_identity
.
So I guess I'm supposed to use OAuth
, right?
I'm clueless about that.
I've only found horrible and confused documentation, that either pretends to explain everything (and I do mean everything), or it fails explain anything at all.
Yes, of course I've tried to look at the previous posts about that, just as I did search on google. Read again the above paragraph, please.
I've just discovered LightOpenID and I think it's wonderful. I've managed to get the email address, the first and last name and the prefered language using the following modification of example-gmail.php
:
<?php
require_once('openid.php');
if (empty($_GET['openid_mode']))
{
if (isset($_GET['login']))
{
$openid = new LightOpenID();
$openid->identity = 'https://www.google.com/accounts/o8/id';
$openid->required = array('namePerson/first', 'namePerson/last', 'contact/email', 'pref/language');
header('Location: ' . $openid->authUrl());
//header('Location: ' . str_replace('&', '&', $openid->authUrl()));
}
else
{
echo '<form action="?login" method="post">' . "\n";
echo '<button>Login with Google</button>' . "\n";
echo '</form>' . "\n";
}
}
else if ($_GET['openid_mode'] == 'cancel')
{
echo 'User has canceled authentication!';
}
else
{
$openid = new LightOpenID();
echo 'User ' . ($openid->validate() ? $_GET['openid_identity'] . ' has ' : 'has not ') . 'logged in.';
echo '<pre>';
print_r($openid->getAttributes());
echo '</pre>';
}
?>
I changed the code to make it a little more readable, the output:
User https://www.google.com/accounts/o8/id?id=*** has logged in.
Array
(
[namePerson/first] => Alix
[contact/email] => ***@gmail.com
[pref/language] => en
[namePerson/last] => Axel
)
I still can't get the postal code and others from Google but I've had success with myOpenID.com.
You can use OpenID's attribute exchange. See the Google documentation here (in particular, openid.ax.type.email
).
OAuth and OpenID are not the same. They solve completely different things. I'm going under the assumption you checked out: Federated Login for Google Account Users it has a bit more explanation on how the accounts work for Google Accounts.
Solutions:
- This is in Python but you should be able to adjust it accordingly for PHP.
- This is in .Net - again you should be able to change the AX mode yourself.
Having a Google account doesn't mean you get a gmail account. You can start a Google account with any email address.
Having said that I don't think its part of the spec to return email addresses or login data as part of the identity.