I am using OpenID on my website using the Dope OpenID library, but I would like to add Facebook as an OpenID provider to the list since Facebook also supports OpenID... Can anyone help me out with an explanation or link me to a tutorial? (staga.net is using it flawlessly on their site)
*If someone can also explain to me how Staga is using buttons instead of a text box (even SO uses a text box) to have OpenID support... Thanks
Check out rpxnow.
I'm not sure if I'm mistaken, but I don't believe Facebook as of yet offers itself as an OpenID provider, but rather a consumer. That is, you can log on to Facebook using your Gmail account, but you can't log on to Stack Overflow by using your Facebook account.
Last time I checked, I found Facebook's implementation of an OpenID sign-on to miss the point. To log on to the service using OpenID, go to Account Settings > Linked Accounts, pick an OpenID provider. However, Facebook requires that your provider remembers that setting. If you don't have Google set to remember Facebook as an OpenID site, you won't be able to log on. Which to me is a bit ridiculous, but oh well...
Facebook is not an OpenID provider. If you want people to authenticate via Facebook, you'll need to implement their Facebook Connect API.
http://developers.facebook.com/connect.php
Related
I know the question is kind of silly, but I want to know what exactly OAuth is and how it works with Facebook, Twitter, etc.
And also, if I want to implement it for my website, like creating a login from my website button, how can I do it?
Definition
According to Wikipedia:
OAuth is an open standard for authorization. OAuth provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials.
So OAuth is commonly used as a way for web surfers to log into third party web sites using their Google, Facebook or Twitter accounts.
Working Example
Let's say you have a Gmail account. You decide to sign up for LinkedIn. Adding your friends manually can be sketchy and painful. You might get fed up halfway. So you might be tempted not to create the LinkedIn account after all.
LinkedIn got a nice idea and wrote a program to let the computer fetch all the data from your Gmail account.
Without an API for exchanging this list of contacts, you may have to compromise your email account to LinkedIn, so here is where OAuth takes charge. If your Gmail supports the OAuth protocol, then LinkedIn can ask you to authorize them to access your Gmail list of contacts.
References :
1) http://en.wikipedia.org/wiki/OAuth
2) https://blog.apigee.com/detail/when_to_use_oauth
Is there a PHP library that has all the stuff I need to do logins via fb, Google, Twitter, Yahoo, etc.?
Something like how the SO one works.
Thanks
OAuth is different from OpenID. Facebook uses OAuth, by which you can actually pull some Facebook data, while with OpenID you can maintain the session; just the authentication is done by the OpenID provider (Google).
You can use Janrain-engage for this purpose, and there is also an open-source lib available named "open-id enabled" that's also now under Janrain... Google it.
I'm writing an Android app that will require folks to identify themselves. We figured that the best course of action is to NOT have folks register with our server since practically everybody has an account somewhere else with a major service (Google, Twitter, Facebook, Yahoo! for example).
The REST API is being built around CakePHP. This in itself isn't a sticking point for what I need, but the issue is more on the Android app along with its communication to our API. Essentially what I'd like to see is a user with X number of devices having the ability to login to a service they already have access to.
This identity would then be known by our server as an identity for that user. My app would then need a way to tell our API that "I am John Doe from service example.com, and here's proof". The servers would also accept a new device for the same identity and tie it in to that user.
I am stuck on some issues here:
OpenID seems to be the way to go (though I'm not sure if Twitter supports OpenID). But how can I do OpenID from my device? I don't need somebody to point me to OpenID for Java. This is NOT 100% of the answer I am looking for. Where is the website going to redirect to?
What will the authentication piece be like between my webserver and Android app? I'm not logging in. I'm using an OpenID. Should I just take some/all of the OpenID information and pass it to the webserver for storage, and then pass it again to check against for every API call?
Twitter not only does OpenID, but they also have a dedicated page talking about what the flow is and what you need to store. Google has a similar page for their login. The OpenID login flows are (for the most part) OAuth2.
I have a PHP application that will be accessed by users who are already
signed into Google (the app runs in an iFrame on a Google Site that
requires Google login).
What is the best SSO approach that uses Google login, so users have
the same identity in both places?
Best to use some OpenID open source? .. Zend/Cake/Symf plugin?
GoogleApps infrastructure? .. or an identity service like Janrain?
Is it too early to go with OpenID Connect? etc.
Thanks much.
OpenID works well - and indeed, is good enough for StackOverflow - you probably used it to register your account here.
There's an article called Getting Started with OpenID. Although it's on Zend's website, it doesn't seem to be tied to the Zend framework, so is a good starting point. It covers all the modules you need to download, and includes an example to help get you started.
Also take a look at simpleSAMLphp and its integration with Google:
Setting up a simpleSAMLphp SAML 2.0 IdP to use with Google Apps
It is an open source project based on PHP. Nice community and complete documentation.
Hi again, I recently discovered this interesting project HybridAuth, an SSO PHP Library for authentication through identity providers like Facebook, Twitter, Google, Yahoo, LinkedIn, MySpace, Windows Live, Tumblr, Identica, LastFM, OpenID, PayPal, Vimeo, Foursquare, AOL, Viadeo, and others.
I didn't test it, but it also seems a good solution.
I'm writing an iPhone app which works against my own server.
Basically, it's a forum where users can post. I don't want users to sign-in for an account on my server but I rather prefer them to login using any existing account they have: Facebook, Linkedin, Foursquare, etc.
So from the app itself, I want them to be able to login using their existing account which will then allow them to post on the forum.
My question is that: when a user is posting a message, how can I verify whether or not he is logged in with any service? I need to validate it both on the client and server side. I plan on writing the server side using PHP.
Thanks
See this question for a similar discussion (just limited to Facebook sign on). Here's a high-level overview of what should happen (taken from that discussion I linked to):
User opens the app on the phone. Chooses a service with which to authenticate.
Authenticates via one of the available services (Facebook, Twitter, foursquare, etc.) and gets some special access token.
Your app takes the token and sends it to your server.
Your server receives the token and validates it. It checks it against the service's API and (at least for Facebook and Twitter) gets the corresponding user ID.
Assuming a valid ID, your server checks if user ID has already been used by some user. If so, it logs them in. If the user ID hasn't been created, your server creates its own user record associated with that user ID and logs the user in. In either case, the user ends up logged in and your server issues a session key to your app.
The session key is used for all further communication between your app and your server until the user logs out.
On the phone, you're going to want some OAuth library to allow users to authenticate with another service. You'll probably want to use the Facebook iOS SDK to allow them to use Facebook and use one of the suggested OAuth libraries here for your other authentication services. I have only used the Facebook SDK, so I can't speak as to the general OAuth libraries.
Once logged in, the phone should not store the access token, only the session key.
Assuming that users can use more than one service to access their account, you will also want some way of connecting two services to the same user (probably by email address).
It's up to you to decide how your app and your server communicate. I'd go for a JSON+REST API for communications with the server.
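The server side of the token-for-session exchange in the steps above, as an added example that is not part of the original answer. The provider check is a hypothetical injected callable (`$verify`) standing in for the real call to the service's API, and the class name, tokens and IDs are constructed for illustration.

```php
<?php
// Added example. $verify is a hypothetical stand-in for the HTTPS call to the
// provider's API; a real verifier should also confirm the token was issued to this app.
final class SessionBroker
{
    private array $users = [];     // "provider:providerUserId" => local user id
    private array $sessions = [];  // sha256(session key) => [local user id, expiry]

    public function __construct(private $verify, private int $ttl = 3600) {}

    public function login(string $provider, string $accessToken): ?string
    {
        // Never trust a user ID sent by the client; derive it from the token.
        $providerUid = ($this->verify)($provider, $accessToken);
        if ($providerUid === null) {
            return null;
        }
        // Key on provider + ID so IDs from different services cannot collide.
        $key = $provider . ':' . $providerUid;
        $this->users[$key] ??= count($this->users) + 1;
        // Issue an unguessable session key and keep only its hash server-side.
        $sessionKey = bin2hex(random_bytes(32));
        $this->sessions[hash('sha256', $sessionKey)] = [$this->users[$key], time() + $this->ttl];
        return $sessionKey; // the access token is discarded here, not persisted
    }

    public function userFor(string $sessionKey): ?int
    {
        $entry = $this->sessions[hash('sha256', $sessionKey)] ?? null;
        return ($entry !== null && $entry[1] > time()) ? $entry[0] : null;
    }

    public function logout(string $sessionKey): void
    {
        unset($this->sessions[hash('sha256', $sessionKey)]);
    }
}

// Constructed verifier: accepts one sample token per provider.
$verify = function (string $provider, string $token): ?string {
    $valid = ['facebook' => ['tok-fb-123' => '1001'], 'twitter' => ['tok-tw-456' => '1001']];
    return $valid[$provider][$token] ?? null;
};

$broker = new SessionBroker($verify);
$s1 = $broker->login('facebook', 'tok-fb-123');
$s2 = $broker->login('twitter', 'tok-tw-456'); // same numeric ID, different service
var_dump($broker->userFor($s1), $broker->userFor($s2), $broker->login('facebook', 'forged'));
$broker->logout($s1);
var_dump($broker->userFor($s1));
```

Every later API request carries only the session key, which the server resolves with `userFor()`; a forged or expired key resolves to no user.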
Another option to get your users to login using multiple services is Socialize (www.getsocialize.com). It's an open source SDK that manages your users and authentication so you don't have to implement all the steps that cbrauchli has outlined above.
I was exploring if better/easy to use/implement options exist in 2020 using third party libraries to allow login with social accounts. And found two options:
AuthorizeMe - https://github.com/rubygarage/authorize-me & https://rubygarage.org/blog/authorizeme-ios-libary
Auth0 - https://auth0.com/learn/social-login/ & https://auth0.com/blog/using-centralized-login-to-add-authentication-to-your-ios-apps/
AuthorizeMe supports:
Facebook
Twitter
Google
Instagram
LinkedIn
plus custom providers
Auth0 supports:
Facebook
Twitter
Google
Microsoft (Windows Live)
Yahoo
Instagram
Amazon
LinkedIn
Github
PayPal
vKontakte
Yandex
Box
Baidu
Ren Ren (Xiaonei)
Weibo
Shopify
Wordpress
Yammer
SoundCloud
and custom providers as well
Disclaimer: I am not affiliated with Auth0 or AuthorizeMe.