Google Apps for Domains support is coming
177 views
Skip to first unread message
Andrew Arnott
Nov 29, 2009, 10:51:22 AM11/29/09
to dotnetopenid
DotNetOpenAuth v3.4 will feature support for Google Apps for Domains OpenID logins.
There's been considerable interest in this feature, and the code change to support it may be in a good direction anyway.
I have a working prototype of it in DNOA already, but it's implementation is incomplete. I'll keep you all apprised. If you've been hurting for this feature, please consider a donation.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
iZ
Dec 9, 2009, 1:49:29 PM12/9/09
to DotNetOpenAuth
Great news!! Until this is ready, is there any way at all to use
Google Apps for Domains as an OP without hosting your own xrds?
Using https://www.google.com/accounts/o8/site-xrds?hd={domain name}
will get me to where I can log into my domain account and authorize
but upon returning to my page, I get:
The OpenID Provider issued an assertion for an Identifier whose
discovery information did not match
and the "Discovered Endpoint info" is [].
Is this because the user-discovery url on google domains is different
than the site-discovery url? Are there any work arounds?
Thanks!
On Nov 29, 10:51 am, Andrew Arnott <andrewarn...@gmail.com> wrote:
> DotNetOpenAuth v3.4 will feature support for Google Apps for Domains OpenID
> logins.
>
> There's been considerable interest in this feature, and the code change to
> support it may be in a good direction anyway.
>
> I have a working prototype of it in DNOA already, but it's implementation is
> incomplete. I'll keep you all apprised. If you've been hurting for this
> feature, please consider a donation <http://pledgie.com/campaigns/2678>.
Google Apps for Domains as an OP without hosting your own xrds?
Using https://www.google.com/accounts/o8/site-xrds?hd={domain name}
will get me to where I can log into my domain account and authorize
but upon returning to my page, I get:
The OpenID Provider issued an assertion for an Identifier whose
discovery information did not match
and the "Discovered Endpoint info" is [].
Is this because the user-discovery url on google domains is different
than the site-discovery url? Are there any work arounds?
Thanks!
On Nov 29, 10:51 am, Andrew Arnott <andrewarn...@gmail.com> wrote:
> DotNetOpenAuth v3.4 will feature support for Google Apps for Domains OpenID
> logins.
>
> There's been considerable interest in this feature, and the code change to
> support it may be in a good direction anyway.
>
> I have a working prototype of it in DNOA already, but it's implementation is
> incomplete. I'll keep you all apprised. If you've been hurting for this
Andrew Arnott
Dec 9, 2009, 1:53:23 PM12/9/09
to dotnet...@googlegroups.com
Hi iZ,
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
You must host your own XRDS file to get Google Apps for Domains support at RPs that don't explicitly support Google Apps for Domains. No way around that -- in fact the self-hosted XRDS is the workaround. :)
You can use it now if you'd like. Just go grab a nightly build from the master branch on TeamCity. Google Apps support is done -- v3.4 just hasn't been released yet because more changes are coming.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
iZ
Dec 9, 2009, 3:34:56 PM12/9/09
to DotNetOpenAuth
Cool - I've grabbed that version and the sample page using the control
works fine! However, when trying to use it programmatically, I've
added:
OpenIdRelyingParty openid = new OpenIdRelyingParty();
IAuthenticationRequest req = null;
openid.DiscoveryServices.Clear();
openid.DiscoveryServices.Insert(0, GoogleAppsDiscovery);
req = openid.CreateRequest(domain);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired
(WellKnownAttributes.Contact.Email);
req.AddExtension(fetch);
req.RedirectToProvider();
Upon returning, I still get that "The OpenID Provider issued an
CreateRequest()?
On Dec 9, 1:53 pm, Andrew Arnott <andrewarn...@gmail.com> wrote:
> Hi iZ,
>
> You must host your own XRDS file to get Google Apps for Domains support at
> RPs that don't explicitly support Google Apps for Domains. No way around
> that -- in fact the self-hosted XRDS *is* the workaround. :)
works fine! However, when trying to use it programmatically, I've
added:
OpenIdRelyingParty openid = new OpenIdRelyingParty();
IAuthenticationRequest req = null;
openid.DiscoveryServices.Clear();
openid.DiscoveryServices.Insert(0, GoogleAppsDiscovery);
req = openid.CreateRequest(domain);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired
(WellKnownAttributes.Contact.Email);
req.AddExtension(fetch);
req.RedirectToProvider();
Upon returning, I still get that "The OpenID Provider issued an
assertion for an Identifier whose discovery information did not match"
error :( Shoul di be passing anything other than the domain to
CreateRequest()?
On Dec 9, 1:53 pm, Andrew Arnott <andrewarn...@gmail.com> wrote:
> Hi iZ,
>
> You must host your own XRDS file to get Google Apps for Domains support at
> RPs that don't explicitly support Google Apps for Domains. No way around
>
> You can use it now if you'd like. Just go grab a nightly build from the
> master branch on TeamCity <http://teamcity.dotnetopenauth.net>. Google Apps
> You can use it now if you'd like. Just go grab a nightly build from the
Andrew Arnott
Dec 9, 2009, 4:10:00 PM12/9/09
to dotnet...@googlegroups.com
Where are you getting your GoogleAppsDiscovery instance? You need to set HostMetaDiscoveryService.UseGoogleHostedHostMeta = true on that instance for Google Apps to work.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
iZ
Dec 9, 2009, 4:14:31 PM12/9/09
to DotNetOpenAuth
Yes - I have that in the page as well:
private HostMetaDiscoveryService GoogleAppsDiscovery = new
HostMetaDiscoveryService
{
UseGoogleHostedHostMeta = true,
};
private HostMetaDiscoveryService GoogleAppsDiscovery = new
HostMetaDiscoveryService
{
UseGoogleHostedHostMeta = true,
};
Andrew Arnott
Dec 9, 2009, 4:15:58 PM12/9/09
to dotnet...@googlegroups.com
And are you adding this extra discovery service to the OpenIdRelyingParty instance that you use to receive the response?
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
iZ
Dec 9, 2009, 4:23:18 PM12/9/09
to DotNetOpenAuth
I was not. But now I am. And now it works :) Thanks so much!!!!
Reply all
Reply to author
Forward
0 new messages