Child pages
  • EROpenID Framework

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Using EROpenID with Google Apps Federated login

Sample delegate for talking to Google Apps via Google's openID deferated login. Note Google does not support SRegRequest.

Code Block
public class GoogleAppsDelegate extends EROpenIDManager.DefaultDelegate {

	@Override
	public List<MessageExtension> createFetchMessageExtensions(String userSuppliedString, WORequest request,
			WOContext context) throws MessageException {
		ArrayList<MessageExtension> exts = new ArrayList<MessageExtension>();
		FetchRequest fetchRequest = FetchRequest.createFetchRequest();
		fetchRequest.addAttribute("Email", "http://axschema.org/contact/email", true);
		exts.add(fetchRequest);
		return exts;
	}

}

Then override appendToResponse your standard login page with something like this:

Code Block
public void appendToResponse(WOResponse r, WOContext c) {
		// Assume client and realm exists.
		if (client.doesOpenID()) {
			String url = ((ERXWOContext) c).directActionURLForActionNamed(ERODirectAction.class.getName()
					+ "/openIDRequest?" + "identity=" + client.openIdIdentity() + "&realm="
					+ realm, null);
			r.setHeader(url, "location");
			r.setStatus(302);
		} else {
			super.appendToResponse(r, c);
		}
	}

Notes: the realm needs to be something static and explicit to your app. We use this:

WOApplication.application().webserverConnectURL().replaceFirst("http", "https")

client.openIDIdentity() should return something like this:

clientsdomainname.com/openid

where openid is an XRDS document. comprehensive instructions on setting up the rest is here:

http://jeremiahlee.com/blog/2009/09/28/how-to-setup-openid-with-google-apps/