The Google+ Domains API specifies a number of operations that can be done using Google Apps accounts for a domain. In PHP, these methods are
google_plus_circle_get
google_plus_people_add
google_plus_message_send
google_plus_message_read
google_plus_group_post_send
google_plus_group_post_read
google_plus_page_post_send
google_plus_page_post_read
google_plus_timeline_post_send
google_plus_timeline_post_read
google_plus_post_share_send
google_plus_post_share_read
google_plus_post_like_send
google_plus_post_like_read
Are there equivalent functions that are available if you are using a GMail account and not a Google Apps account?
Unfortunately, no. These functions are only available to Apps Domains and the accounts created for them.
The "regular" Google+ API is read-only and only works on fully public information. There are a number of open issues requesting these features, and you may wish to review the list and star those you're most interested in, giving detailed use cases where possible.
Related
We want to provide a service where the users would have to register in our website. The problem is that our customer (another company, say company A) wants to verify, for security and spam reasons, that each of the users who register are indeed verified users, but they won't let us access their database (where all the users are already registered).
We could do a manual verification (using users physical ID card) but this wouldn't be very effective. That's the reason why we were thinking that maybe we could use something like OAuth or OpenID to make our users sign up / sign in through their account at company A.
Apart from the email/username, we would need to collect some extra information for each user that they don't have it on the database of company A, and be able to use it over time. That is to say, it would be great if we could use company A's database, without having access to it, to verify the identity of our users and allow them to sign up as verified profiles.
What technologies and procedures should we adopt to achieve our goal? We have heard and read about OAuth and OpenID, but we're not quite sure whether that's what we are looking for or which one would fit our problem most. On top of that, we would appreciate if someone could provide us with a guideline for the implementation of the solution, as it's not the typical Facebook/Google Sign in for which there is plenty of information, but we have to use the database of an external company.
Note: we are using PHP and MySQL
At this point, if you want to deal with authentication/authorization you should look at the OpenID Connect and OAuth 2.0 as they are the most recent and the ones with an increased rate of adoption.
They share a similar history because in both cases they are not backwards compatible with the versions that preceded them, more specifically OAuth 1.0 and OpenID.
However, for this particular scenario you'll be dependent on what Company A supports. You can add support to OAuth2 and OpenID Connect to your application, but if Company A does not support it you're back to square one.
If you can in any way influence what Company A will provide to you then a compatible implementation of OpenID Connect would be your best bet as it would allow your application to use it as a way to verify user identities without having direct access to their user database. After receiving a verified user identity you could then require more information from the user in order to have a more complete profile on your side.
Assuming that Company A did provide an OpenID connect compliant implementation integrating with with would be very similar to integrating with any other provider like Auth0 and Google. I say similar, because as you can check in each link each provider may have their own extensions and supporting libraries that aim to simplify the experience.
I have a working php code which lets users login through Google Api.
The problem is, this code requires users to become Google Plus users.
I use the latest api located at http://code.google.com/p/google-api-php-client/downloads/list and still couldn't find out if I can use the same service for people who do not have and do not want to activate Google "plus".
update: I understand that this might be a 3rd party api question and I also think that this is a question about a popular 3rd party api and this question and it's answers may still help many people out there.
answer of the question: for quick reference, the answer is *Google_Oauth2Service* class
You can use Google OAuth as a mechanism to authenticate users without requiring that those Google users have activated Google+ accounts. See Using OAuth 2.0 for login. This approach relies on requesting the user's identity via the userinfo.profile or userinfo.email OAuth scopes.
You get advanced functionality and social capabilities if you use Google+ Sign-In, and if your users opt for that option, they will be prompted to upgrade their Google account. This approach uses the plus.login OAuth scope, which gets you identity information in addition to other API methods that can be called.
Choosing the approach that works for your app and audience is up to you.
As of june 2015, you have to use the google+ API to set up the sign-in (Other methods were deprecated).
If you want your user to sign-in without a google+ account, you need to specify "profile" instead of "https://www.googleapis.com/auth/plus.login" as the scope as explained here
Correct me if I'm wrong:
With respect to a user's email address associated with their account...
You can ask for and receive email addresses from openID providers (i.e. Google, Yahoo!, AOL, etc.).
You cannot obtain email addresses from OAuth providers (i.e. Twitter, LinkedIn, etc.).
You can receive email addresses from Facebook via OAuth.
If I am wrong and there is a way to obtain email address via OAuth, please describe an easy method.
Well what you have described is almost right.It dependents upon what you want both protocols Oauth and Open-id provides a way to Authentication but Oauth provides a fine grained control.
basically you can get Email address from Google/Yahoo/Window Live using Oauth and as per your analysis Both Twitter and LinkedIn model do not have the option to give back email.associated with the user.
But you need to have a clear understanding of whats different between both of them as that will clear your case what is provided by way
Both work on domain of security, identity, and authorization.
work on the principal of decentralization.
With Open ID, there is no suggestion of two web apps sharing your data. Except in the very limited sense that the Open ID provider may hold some general information about you.but this is data of a generic.
OAuth lets you authorise one website – the consumer – to access your data from another website
In short OpenId is coarse-grained while OAuth is more fine-grained.Oauth proicde a level of security by asking use to provide access to your data to the party who is asking the access and now its in the hand of user to allow or deny while with Open_id generic data will be available.
So choice is all yours.
Which is the simplest and best free tool(php) that provides "single sign-on" i.e login via many sites.
It should provide me basic details of users like name dob, location etc. It should be completely free irrespective of site traffic. It should have facebook, twitter, google
Following are the reliable and/or viable and very simple to implement solutions
https://www.simpleauth.com/
https://rpxnow.com/signup_landing_basic (free basic version)
http://openid.net/developers/
http://www.gigya.com/public/platform/Register.aspx (not free)
If you want all in one, than OpenID is your solution. OpenID's free service is shared service. Users must have OpenID account first to be able to login with this service.
If you don't want shared option, if you want this SSO (Single Sign On) service only for your own use then OpenID provides paid service. It was $0.25 per user last time I checked.
This means if everyday 100 new members will register to your websites (considering few websites, it should be the minimum), you will have to pay $25 every day to OpenID.
SSO is very useful technology. You can either create your own or go with paid services. Free services for sure will be shared. If you want to create your own, security measures must be first priority.
OpenID is extremely well know, or Facebook since it has so many users :)
Facebook... This will become your drivers license of the internet btw :P
I need to add an invite users functionality to my social networking application so users can invite contacts from their hotmail or yahoo accounts. How do I do this and are there any free open source libraries that do this?
Depending on the service you wish to get the contact information from they might already provide a published API for you.
For example, Yahoo has a contact list API you could use: http://developer.yahoo.com/social/rest_api_guide/contact_api.html
Google also has one: http://code.google.com/apis/contacts/
And so does Windows Live: http://msdn.microsoft.com/en-us/library/bb463974.aspx
If you need something to work with a service without an API then you might have to ask that user for his username and password, use it temporarily to log into his account, download the contact information and then discard the login details. There are obvious privacy and security issues with this approach, however. Nevertheless, it is used quite frequently by many social networking sites.
The same approach can also be used to retrieve buddy information from instant messaging services. You log in (perhaps using an open source IM API) and get their buddy list and contact details.
Just in case anyone was interested - I would like to share this neat piece of code I found off the web. Its free and very easy to setup and integrate. http://openinviter.com is php based and you can extract email contacts from just about any address book there is.
You just need to have curl set up for this.