Closed GoogleCodeExporter closed 9 years ago
GoogleCodeExporter
commented
9 years ago I get that this is a problem, but I'm not sure how to solve it... Please tell me
more, if you are using the same server and consumer_key, how to you
differentiate the
callbacks? What is different that would provide a unique key?Original comment by brunobg%...@gtempaccount.com on 4 Jun 2010 at 2:50
GoogleCodeExporter
commented
9 years ago I'm not entirely sure what you mean, but the user_id is different for each. Is
this enough?Original comment by michalch...@gmail.com on 4 Jun 2010 at 4:04
GoogleCodeExporter
commented
9 years ago Maybe I'm missing the point of exclusive server/consumer_key combos as well.
Aren't we supposed to be using the same consumer_key, from our application, for
all of our users to connect with? If so, then we'd differentiate who it is
based on our application's user ID (via sessions or whatnot).Original comment by sty...@gmail.com on 12 Jun 2010 at 10:08
GoogleCodeExporter
commented
9 years ago [deleted comment]"authenticate [...] to the same server + consumer_key combo [...] using the
same credentials"
The user_id you pass to the OAuth server would only be returned back to you. A
Oauth Server never stores your user_id, but the OWN user_id based on the logged
in user!
So if you logged in twice with your Google accound, you will twice get the same
token back, and your different user_id of course. Because the server does not
care what you pass as user_id. (It´s yours)
If you want a new token, log in with another Google accound. ;o)Original comment by fiedler....@gmail.com on 13 Jun 2010 at 7:58
GoogleCodeExporter
commented
9 years ago "So if you logged in twice with your Google accound, you will twice get the
same token back"
Yes: this is the case I'm referring to
"If you want a new token, log in with another Google accound"
I'm happy with having the same token. However, this causes an exception.
Maybe I'm misunderstanding how to use things. What is the best method of using
oauth-php as the primary method for authentication for a site, when this is no
previously known user_id ?Original comment by michalch...@gmail.com on 14 Jun 2010 at 10:16
GoogleCodeExporter
commented
9 years ago You will get the user_id after the user has authenticated at the service
provider. I do not really know whats the end point from google for getting the
user information of the authenticated user.
OAuth is not primary made for authenticating users at your server! It´s made
for making signed api calls to another server (google in this case) without the
need to provide username/password to you.
A good starting point for OAuth with Google are these docs:
http://code.google.com/intl/de-DE/apis/accounts/docs/OAuth.html#GetAuth
And a google online client to test the google api calls:
http://googlecodesamples.com/oauth_playground/
Btw. i really want to help you! ;o) Maybe you can descripe more granulated what
you want to do.
Do you want that your users can sign in with their google account on your
system?
Maybe Google Federated Login helps more?
http://code.google.com/intl/de-DE/apis/accounts/docs/OpenID.htmlOriginal comment by fiedler....@gmail.com on 14 Jun 2010 at 7:35
GoogleCodeExporter
commented
9 years ago Ok, got the google end point for getting the user information:
https://www-opensocial.googleusercontent.com/api/people/@me
You have to sign this api call with the access token you got from google. Let
me know if this works or not! :o)Original comment by fiedler....@gmail.com on 14 Jun 2010 at 8:28
GoogleCodeExporter
commented
9 years ago More info could be found in the docs:
http://code.google.com/intl/de-DE/apis/contacts/docs/poco/1.0/developers_guide.h
tml#RetrievingUserContactOriginal comment by fiedler....@gmail.com on 14 Jun 2010 at 8:33
Original issue reported on code.google.com by
michalch...@gmail.comon 30 May 2010 at 3:03