Using EROpenID with Google Apps Federated login
Sample delegate for talking to Google Apps via Google's openID deferated login. Note Google does not support SRegRequest.
public class GoogleAppsDelegate extends EROpenIDManager.DefaultDelegate {
@Override
public List<MessageExtension> createFetchMessageExtensions(String userSuppliedString, WORequest request,
WOContext context) throws MessageException {
ArrayList<MessageExtension> exts = new ArrayList<MessageExtension>();
FetchRequest fetchRequest = FetchRequest.createFetchRequest();
fetchRequest.addAttribute("Email", "http://axschema.org/contact/email", true);
exts.add(fetchRequest);
return exts;
}
}
Then override appendToResponse your standard login page with something like this:
public void appendToResponse(WOResponse r, WOContext c) {
// Assume client and realm exists.
if (client.doesOpenID()) {
String url = ((ERXWOContext) c).directActionURLForActionNamed(ERODirectAction.class.getName()
+ "/openIDRequest?" + "identity=" + client.openIdIdentity() + "&realm="
+ realm, null);
r.setHeader(url, "location");
r.setStatus(302);
} else {
super.appendToResponse(r, c);
}
}
Notes: the realm needs to be something static and explicit to your app. We use this:
WOApplication.application().webserverConnectURL().replaceFirst("http", "https")
client.openIDIdentity() should return something like this:
clientsdomainname.com/openid
where openid is an XRDS document. comprehensive instructions on setting up the rest is here:
http://jeremiahlee.com/blog/2009/09/28/how-to-setup-openid-with-google-apps/