Ma.gnolia and EAUT

4 views
Skip to first unread message

la...@ma.gnolia.com

unread,
Jul 21, 2008, 2:46:02 PM7/21/08
to Email-Address-To-URL Transform (EAUT)
Just wanted to let everyone know that we just deployed EAUT support
over at Ma.gnolia (http://ma.gnolia.com). You can now type in your
email address in the OpenID field and we'll resolve using EAUT with
http://emailtoid.net/ as the default.

As part of our implementation, we've written an RoR plugin, which we'd
love to release as open source and contribute back to the project.

Larry

Chris Messina

unread,
Jul 21, 2008, 2:53:49 PM7/21/08
to ea...@googlegroups.com
This is great -- but where does one enter their email address? When using the OpenID signin form? Perhaps you could offer as examples "E.g. http://claimid.com/[OpenID Name] or la...@ma.gnolia.com".

Chris
--
Chris Messina
Citizen-Participant &
 Open Source Advocate-at-Large
factoryjoe.com # diso-project.org
citizenagency.com # vidoop.com
This email is:   [ ] bloggable    [X] ask first   [ ] private

Will Norris

unread,
Jul 21, 2008, 2:57:21 PM7/21/08
to ea...@googlegroups.com

On Jul 21, 2008, at 11:46 AM, la...@ma.gnolia.com wrote:

> As part of our implementation, we've written an RoR plugin, which we'd
> love to release as open source and contribute back to the project.

Jesse should have commit access to the repository. Just create a ruby
folder under code alongside php and python.

la...@ma.gnolia.com

unread,
Jul 21, 2008, 3:05:54 PM7/21/08
to Email-Address-To-URL Transform (EAUT)
You can erase the http:// and put your email address in. Yes, we need
to change the UX on that, but we're hoping to have some early adopters
test it out first.

Larry

On Jul 21, 11:53 am, "Chris Messina" <chris.mess...@gmail.com> wrote:
> This is great -- but where does one enter their email address? When using
> the OpenID signin form? Perhaps you could offer as examples "E.g.http://claimid.com/[OpenID Name] or la...@ma.gnolia.com".
> Chris
>
> On Mon, Jul 21, 2008 at 11:46 AM, la...@ma.gnolia.com <la...@ma.gnolia.com>
> wrote:
>
>
>
> > Just wanted to let everyone know that we just deployed EAUT support
> > over at Ma.gnolia (http://ma.gnolia.com). You can now type in your
> > email address in the OpenID field and we'll resolve using EAUT with
> >http://emailtoid.net/as the default.

David Fuelling

unread,
Jul 21, 2008, 3:49:48 PM7/21/08
to ea...@googlegroups.com
That's awesome!!

I just logged in with my email address, and it works perfectly.

From a UX perspective, it did take a bit to get things to work.  Here's what I had to do....
  1. I had an existing account at ma.gnolia with the OpenID http://sappenin.myopenid.com.
  2. My email address transforms to a different OpenId (http://openid.sappenin.com/david), which delegates to MyOpenID.com.
  3. I entered my email into the ma.gnolia.com login form, and authenticated with MyOpenId.com, and came back to ma.gnolia, where I had to enter my username/password -- then I could get into the site.
  4. To verify everything was good, I logged out, and logged back in again with my email address.  However, I had to do the same thing over again (i.e., enter my ma.gnolia.com username/password at ma.gnolia.com).
  5. I finally realized that I had to manually associate the new OpenID (http://openid.sappenin.com/david) in my ma.gnolia profile.
  6. It would be nice if ma.gnolia would automatically associate the new OpenID after I first login via openid, then provide my existing account username/password (this should provide enough info to associate the openid I logged in with to my profile, and could easily be automated).
After I realized that, however, I am now able to easily and quickly login with my my sappenin.com email address.  Very Cool!!

Last but not least, I decided to try out my gmail address, and that worked perfectly too (via EmailToId).  WOW!!  It's pretty sweet to now be using my gmail address as an OpenID!!!!

David

Chris Messina

unread,
Jul 21, 2008, 3:57:22 PM7/21/08
to ea...@googlegroups.com
Quick question -- what's the migration path for existing email addresses? So if I already have an email account confirmed by Ma.gnolia -- I assume it's no different than using an OpenID... if I *don't* have an email with Ma.gnolia... same thing -- just doing account creation as with an OpenID -- but Ma.gnolia shouldn't need to confirm my email address, correct? It'd be lame if I had to confirm my address for BOTH Ma.gnolia AND Emailtoid!

Chris

la...@ma.gnolia.com

unread,
Jul 21, 2008, 4:17:13 PM7/21/08
to Email-Address-To-URL Transform (EAUT)
Glad it worked. You should only have to associate your OpenID with
your Ma.gnolia account once, and it sounds like you have to go through
that step a few times. We'll investigate.

On Jul 21, 12:49 pm, "David Fuelling" <sappe...@gmail.com> wrote:
> That's awesome!!
>
> I just logged in with my email address, and it works perfectly.
>
> From a UX perspective, it did take a bit to get things to work.  Here's what
> I had to do....
>
>    1. I had an existing account at ma.gnolia with the OpenID
>    http://sappenin.myopenid.com.
>    2. My email address transforms to a different OpenId (
>    http://openid.sappenin.com/david), which delegates to MyOpenID.com.
>    3. I entered my email into the ma.gnolia.com login form, and
>    authenticated with MyOpenId.com, and came back to ma.gnolia, where I had to
>    enter my username/password -- then I could get into the site.
>    4. To verify everything was good, I logged out, and logged back in again
>    with my email address.  However, I had to do the same thing over again
>    (i.e., enter my ma.gnolia.com username/password at ma.gnolia.com).
>    5. I finally realized that I had to manually associate the new OpenID (
>    http://openid.sappenin.com/david) in my ma.gnolia profile.
>    6. It would be nice if ma.gnolia would automatically associate the new
>    OpenID after I first login via openid, then provide my existing account
>    username/password (this should provide enough info to associate the openid I
>    logged in with to my profile, and could easily be automated).
>
> After I realized that, however, I am now able to easily and quickly login
> with my my sappenin.com email address.  Very Cool!!
>
> Last but not least, I decided to try out my gmail address, and that worked
> perfectly too (via EmailToId).  WOW!!  It's pretty sweet to now be using my
> gmail address as an OpenID!!!!
>
> David
>
> On Mon, Jul 21, 2008 at 6:46 PM, la...@ma.gnolia.com <la...@ma.gnolia.com>
> wrote:
>
>
>
> > Just wanted to let everyone know that we just deployed EAUT support
> > over at Ma.gnolia (http://ma.gnolia.com). You can now type in your
> > email address in the OpenID field and we'll resolve using EAUT with
> >http://emailtoid.net/as the default.

la...@ma.gnolia.com

unread,
Jul 21, 2008, 4:24:08 PM7/21/08
to Email-Address-To-URL Transform (EAUT)
Currently, if someone enters their email in the OpenID sign in form,
we use EUAT; but, if someone enters their email on the Ma.gnolia
Account sign in form we check against our (now legacy) user and
password database.

As far as I understand it, EAUT is a one way email address to OpenID
transformation and doesn't imply any sort of verification of that
email address in return. While we could trust emailtoid, we could
necessarily trust other transformers, which leaves us still having to
verify that an email address goes somewhere. This is especially
important for us to meet double opt-in requirements on our newsletter
mailing list.

Coming up with some UX flows for a Ma.gnolia type case (legacy
accounts and OpenIDs) would be a good idea, no?

On Jul 21, 12:57 pm, "Chris Messina" <chris.mess...@gmail.com> wrote:
> Quick question -- what's the migration path for existing email addresses? So
> if I already have an email account confirmed by Ma.gnolia -- I assume it's
> no different than using an OpenID... if I *don't* have an email with
> Ma.gnolia... same thing -- just doing account creation as with an OpenID --
> but Ma.gnolia shouldn't need to confirm my email address, correct? It'd be
> lame if I had to confirm my address for BOTH Ma.gnolia AND Emailtoid!
> Chris
>
>
>
> On Mon, Jul 21, 2008 at 12:49 PM, David Fuelling <sappe...@gmail.com> wrote:
> > That's awesome!!
>
> > I just logged in with my email address, and it works perfectly.
>
> > From a UX perspective, it did take a bit to get things to work.  Here's
> > what I had to do....
>
> >    1. I had an existing account at ma.gnolia with the OpenID
> >    http://sappenin.myopenid.com.
> >    2. My email address transforms to a different OpenId (
> >    http://openid.sappenin.com/david), which delegates to MyOpenID.com.
> >    3. I entered my email into the ma.gnolia.com login form, and
> >    authenticated with MyOpenId.com, and came back to ma.gnolia, where I had to
> >    enter my username/password -- then I could get into the site.
> >    4. To verify everything was good, I logged out, and logged back in
> >    again with my email address.  However, I had to do the same thing over again
> >    (i.e., enter my ma.gnolia.com username/password at ma.gnolia.com).
> >    5. I finally realized that I had to manually associate the new OpenID (
> >    http://openid.sappenin.com/david) in my ma.gnolia profile.
> >    6. It would be nice if ma.gnolia would automatically associate the new
> >    OpenID after I first login via openid, then provide my existing account
> >    username/password (this should provide enough info to associate the openid I
> >    logged in with to my profile, and could easily be automated).
>
> > After I realized that, however, I am now able to easily and quickly login
> > with my my sappenin.com email address.  Very Cool!!
>
> > Last but not least, I decided to try out my gmail address, and that worked
> > perfectly too (via EmailToId).  WOW!!  It's pretty sweet to now be using my
> > gmail address as an OpenID!!!!
>
> > David
>
> > On Mon, Jul 21, 2008 at 6:46 PM, la...@ma.gnolia.com <la...@ma.gnolia.com>
> > wrote:
>
> >> Just wanted to let everyone know that we just deployed EAUT support
> >> over at Ma.gnolia (http://ma.gnolia.com). You can now type in your
> >> email address in the OpenID field and we'll resolve using EAUT with
> >>http://emailtoid.net/as the default.

David Fuelling

unread,
Jul 21, 2008, 4:29:01 PM7/21/08
to ea...@googlegroups.com
I can't speak for ma.gnolia....but it seems like unless an RP explicitily trusts EmailToID to correctly validate/verify email addresses (via contract or some other relationship), then an RP should also verify the email address on its own.

With that said, the EAUT protocol could be used by itself as an email ownerhsip verification service, from two distinct directions.

Direction 1: Login with an Email Address
  1. Login to an RP with an email address
  2. Use EAUT to perform an OpenID login.
  3. Attach the email address to the Profile of the logged in user (the RP knows that the email address and OpenID belong together).
Direction 2: Login with an OpenID.
  1. Login with an OpenID.
  2. Use AX to get the email address (or have the user enter it in manually).
  3. Use EAUT to transform the email address to an openid.  If the two openid's match, the email is valid.
  4. Otherwise, follow the OpenID auth flow on the email address (using EAUT).  If auth is successful, then the email address is valid (or at least controlled by the person who controls the open id).
This process doesn't actually validate that the email address works -- it just validates that the person logged in with a particular OpenID has control over the email address in question (which I think is the real question needing to be answered in this use-case).

victorc

unread,
Jul 22, 2008, 6:12:21 PM7/22/08
to Email-Address-To-URL Transform (EAUT)
Hi,

I have also created a new Ma.gnolia account using my gmail emailwhich
mapped in Emailtoid to my OpenID URL and it works well.
Now as a Web developper, how can I add this feature to my OpenID
consumer Web site ? how to let people enter email instead of OpenID
URL ?
Any PHP code or library available ?
Thanks

Victor


On 21 juil, 21:49, "David Fuelling" <sappe...@gmail.com> wrote:
> That's awesome!!
>
> I just logged in with my email address, and it works perfectly.
>
> From a UX perspective, it did take a bit to get things to work.  Here's what
> I had to do....
>
>    1. I had an existing account at ma.gnolia with the OpenID
>    http://sappenin.myopenid.com.
>    2. My email address transforms to a different OpenId (
>    http://openid.sappenin.com/david), which delegates to MyOpenID.com.
>    3. I entered my email into the ma.gnolia.com login form, and
>    authenticated with MyOpenId.com, and came back to ma.gnolia, where I had to
>    enter my username/password -- then I could get into the site.
>    4. To verify everything was good, I logged out, and logged back in again
>    with my email address.  However, I had to do the same thing over again
>    (i.e., enter my ma.gnolia.com username/password at ma.gnolia.com).
>    5. I finally realized that I had to manually associate the new OpenID (
>    http://openid.sappenin.com/david) in my ma.gnolia profile.
>    6. It would be nice if ma.gnolia would automatically associate the new
>    OpenID after I first login via openid, then provide my existing account
>    username/password (this should provide enough info to associate the openid I
>    logged in with to my profile, and could easily be automated).
>
> After I realized that, however, I am now able to easily and quickly login
> with my my sappenin.com email address.  Very Cool!!
>
> Last but not least, I decided to try out my gmail address, and that worked
> perfectly too (via EmailToId).  WOW!!  It's pretty sweet to now be using my
> gmail address as an OpenID!!!!
>
> David
>
> On Mon, Jul 21, 2008 at 6:46 PM, la...@ma.gnolia.com <la...@ma.gnolia.com>
> wrote:
>
>
>
> > Just wanted to let everyone know that we just deployed EAUT support
> > over at Ma.gnolia (http://ma.gnolia.com). You can now type in your
> > email address in the OpenID field and we'll resolve using EAUT with
> >http://emailtoid.net/as the default.

Michael Richardson

unread,
Jul 22, 2008, 6:20:42 PM7/22/08
to ea...@googlegroups.com

On Jul 22, 2008, at 3:12 PM, victorc wrote:

>
> Hi,
>
> I have also created a new Ma.gnolia account using my gmail emailwhich
> mapped in Emailtoid to my OpenID URL and it works well.
> Now as a Web developper, how can I add this feature to my OpenID
> consumer Web site ? how to let people enter email instead of OpenID
> URL ?
> Any PHP code or library available ?
> Thanks
>
> Victor


Hi Victor,
Will Norris has written an excellent PHP library for EAUT. They're
hosted on http://eaut.org/ along with the specification and an example
implementation.
-Michael

Chris Messina

unread,
Jul 22, 2008, 6:21:23 PM7/22/08
to ea...@googlegroups.com
Take a look:


I think Will has also written a library of sorts that might be able to help...

Chris

victorc

unread,
Jul 22, 2008, 6:26:10 PM7/22/08
to Email-Address-To-URL Transform (EAUT)

Thanks to all and any examples of some PHP code using Will Norris EAUT
PHP library will be useful.

Thanks in advance Will :)

On 23 juil, 00:21, "Chris Messina" <chris.mess...@gmail.com> wrote:
> Take a look:http://emailtoid.net/developers/http://emailtoid.net/developers/#openid
>
> I think Will has also written a library of sorts that might be able to
> help...
>
> Chris
>
> On Tue, Jul 22, 2008 at 3:12 PM, victorc <victor.cousteno...@gmail.com>
> > > >http://emailtoid.net/asthe default.

Jesse Clark

unread,
Jul 22, 2008, 6:37:26 PM7/22/08
to Email-Address-To-URL Transform (EAUT)
FYI, there was a bug in our automatic association of openids with an
account that already had an openid associated with it. This bug has
been fixed and we deployed it yesterday.

Thanks for bringing this to our attention.

-Jesse


On Jul 21, 12:49 pm, "David Fuelling" <sappe...@gmail.com> wrote:
> That's awesome!!
>
> I just logged in with my email address, and it works perfectly.
>
> From a UX perspective, it did take a bit to get things to work. Here's what
> I had to do....
>
> 1. I had an existing account at ma.gnolia with the OpenID
> http://sappenin.myopenid.com.
> 2. My email address transforms to a different OpenId (
> http://openid.sappenin.com/david), which delegates to MyOpenID.com.
> 3. I entered my email into the ma.gnolia.com login form, and
> authenticated with MyOpenId.com, and came back to ma.gnolia, where I had to
> enter my username/password -- then I could get into the site.
> 4. To verify everything was good, I logged out, and logged back in again
> with my email address. However, I had to do the same thing over again
> (i.e., enter my ma.gnolia.com username/password at ma.gnolia.com).
> 5. I finally realized that I had to manually associate the new OpenID (
> http://openid.sappenin.com/david) in my ma.gnolia profile.
> 6. It would be nice if ma.gnolia would automatically associate the new
> OpenID after I first login via openid, then provide my existing account
> username/password (this should provide enough info to associate the openid I
> logged in with to my profile, and could easily be automated).
>
> After I realized that, however, I am now able to easily and quickly login
> with my my sappenin.com email address. Very Cool!!
>
> Last but not least, I decided to try out my gmail address, and that worked
> perfectly too (via EmailToId). WOW!! It's pretty sweet to now be using my
> gmail address as an OpenID!!!!
>
> David
>
> On Mon, Jul 21, 2008 at 6:46 PM, la...@ma.gnolia.com <la...@ma.gnolia.com>
> wrote:
>
>
>
> > Just wanted to let everyone know that we just deployed EAUT support
> > over at Ma.gnolia (http://ma.gnolia.com). You can now type in your
> > email address in the OpenID field and we'll resolve using EAUT with
> >http://emailtoid.net/as the default.

Will Norris

unread,
Jul 22, 2008, 6:37:43 PM7/22/08
to ea...@googlegroups.com

On Jul 22, 2008, at 3:26 PM, victorc wrote:
>
> Thanks to all and any examples of some PHP code using Will Norris EAUT
> PHP library will be useful.

example usage added to http://eaut.org/code/

Lachlan Hardy

unread,
Jul 25, 2008, 5:28:28 AM7/25/08
to Email-Address-To-URL Transform (EAUT)
I also had issues with this. See my screenshot (http://www.flickr.com/
photos/lachlanhardy/2700269013/) for details.

la...@ma.gnolia.com

unread,
Jul 25, 2008, 12:02:26 PM7/25/08
to Email-Address-To-URL Transform (EAUT)
Hey Lachlan,

Commented on your screenshot, but wanted to follow up here, too. If
the OpenID that your email address resolves to is the same one that
your Ma.gnolia account is registered with, sign in should just work.
Or, at least it does for me. I can only guess that there is some
issues with what we're getting back as your claimed identity. Perhaps
we can work out of band and see what's going on?

Larry

Lachlan Hardy

unread,
Jul 25, 2008, 7:42:52 PM7/25/08
to ea...@googlegroups.com
Commented on your screenshot, but wanted to follow up here, too. If
the OpenID that your email address resolves to is the same one that
your Ma.gnolia account is registered with, sign in should just work.
Or, at least it does for me. I can only guess that there is some
issues with what we're getting back as your claimed identity. Perhaps
we can work out of band and see what's going on?

Definitely. More details on their way.

Reply all
Reply to author
Forward
0 new messages