I hope you can direct me with my query.
I wish to create my own authentication method for users in my Google Apps for Work account. Currently I am using built in Google Authentication, however I wish to build my own authentication method in PHP, Phyton or .NET; language doesn't matter really. So I want users to go to the page I will create, then they will need to pass authentication and be logged to Google Apps.
I know SSO is the way to do it but after my research I found very little about how to achieve it with Google Apps. I mean there is tones of third party platforms like OneLogin etc but I would like to have something I build myself. Ideally I would like to have some examples of SSO which works with GAFW so I could figure out the rest myself. I read somewhere that building own SSO portal it's not a piece of cake and also found an article that you can create something based on oAuth2.0 instead. So tried research about oAuth2.0 but all documentation I found is about authenticating to the application that I build using Google Apps Credentials, where I want the opposite; to be able to access Google Apps using the app that I build.
Hope someone could direct me to some examples or documentation or explain the process of learning curve to get my head around this project of building SSO for GAFW.
If you want to write your own Auth system and become the Identity Provider (IdP), you need to use SAML as that is the only supported method for now.
Here are the step by step instructions
Related
I created an application as part of a university project that searches using web APIs. Google+ is one of the APIs considered.
Now I am trying to evaluate this application against what other search tools offer. In the evaluation, I ask the user to create a google plus account and then try to find it using the search engine example.com and then try our tool.
The problem I am having is that when I create a google plus profile, I can not find it immediately using "Google+ API people search". Is there a way to tell the API to consider recently created profiles or any other solution to this.
No. Google+ is a large application and things can take time to process by various other systems.
My school is looking to use moodle as an LMS and integrating it with google apps. What I would like to implement in the integration is a single sign on where once a user is logged into google apps, they would immediately be logged into their moodle account. I want this to also be possible vice versa where a user would also be automatically logged into their google apps account if they login to moodle instead. So far the plugins I have found can only do one or the other; not both (or perhaps I do not know how to configure them this way).
I have tried using googleoauth2 and GSAML but had no luck. Can someone please help or guide me somewhere that has this implemented?
Thanks you
THe process is well-documented here: https://docs.moodle.org/29/en/Google_Apps_Integration
The OneLogin plugin (among other options) supports both SSO and Google Apps. I would suggest starting there.
The exact documentation (should you choose to proceed with this login) can be found here. You will need OpenAM as well.
I need to build oAuth provider and started to do my homework around Facebook and Google, as they are the largest example there is I think. What I still don't understand, when a web site wants to use oAuth from Google or Facebook, does it have to apply their SDK or SDK is just to simple the hard work, but there is the way to do it your self from scratch? I asking this, because I wonder, if after my oAuth provide will be ready, I will have to create SDK as well.
No, you do not have to create any SDK for OAuth provider or clients. You can look at an google's playground for a sample end to end demonstration of OAuth2 flow.
I have developed asp.net MVC social networking site. I do not want to keep credentials at my database. Its user choice like stackoverflow (this forum). When we saying login the there should be option that to login with google/yahoo/facebook credentials, if user has account over there. What I have to do? is there any webservice provided by sites (google/yahoo/facebook) or what is remedy over this ? this topic in totally new for me . I expecting help from you gems..
You could implement OpenID. DotNetOpenAuth is implementation for .NET.
Sounds like OpenId would work for you (click, and more).
Library's to use in your apps.
For Facebook you want to use Facebook Connect. There is an implementation for .net on codeplex that you may want to have a look at. You may also want to look at this question.
Google uses OpenId. You can use DotNetOpenAuth to connect to google (and any other OpenId provider, such as Yahoo and twitter).
If you want to connect with Microsoft's LiveId, you may want to read this tutorial.
EDIT
There is also the option of using JanRain, a single provider that consolidates a large number of login providers. But note that JanRain is only free up to 1000 users.
There are solutions that enable authentication and features (like status updates, friends etc) from all mentioned sites, one of them is RPX from JanRain. I've experience with RPX personally and it's a great product, however, it will cost you money. They charge you per registered user etc.. I do not know of an open source solution that can compete with RPX.
If you are not interested in paying for a product you can always implement support for the mentioned sites yourself. All of them provide open API's and examples for how to do this. For Facebook it's very easy to implement Facebook Connect. Google and Yahoo both support Open ID and there are plenty of open source resources available for .NET (like http://www.dotnetopenauth.net/).
Good luck with your community!
I've looked at Net::Google, and 90% of the modules use AuthSub with a mandatory login/password. The right way for a web application to interact with Google applications on behalf of a customer is to use OAuth. That way, the authentication is done by Google, and the application does not know the user's password. This is supported by Net::Google::DocumentsList for example.
Are you aware of modules that can work well with Picasa and Blogger, for example, using OAuth. The current Net::Google::PicasaWeb handles read-only queries, no add/remove/update actions.
I noticed this blog entry with an example, http://blog.case.edu/jeremy.smith/2009/03/30/using_2legged_oauth_with_google_apps_in_perl, perhaps it will get you started.