Google Apps Premier federated login with PHP
Google supports OpenID authentication or behaves as openid identity provider, using Google Apps accounts. Basically it means, user can use GA credentials to sign in into different services. This is especially useful for companies to unite other internal services with Google Apps single sign-in point. This is related to Standard edition as well.
I have got it working for PHP. Here is the story.
Having spent about 3 hours to get it work, I do not consider OpenID simple protocol that will conquer the Net soon. Why it shouldn't be as simple as adding Paypal payment to a site ?
Nevertheless, I make working sample. I used php-openid-2.1.3.zip quite standard OpenId library and php-openid-apps-discover.tar.gz helper for Google Apps.
It does not need any installation, just make "tmp" directory writable. Do not test it using local apache, upload somewhere to the web.
Note: The Federated Login Service is disabled by default for Google Apps Premier and Education Editions. The domain admin can enable it from the Control Panel at http://www.google.com/a/cpanel/<your-domain>/SetupIdp.
UPDATE!! Please look a this post for an updated libraries and example code
.
English 
Русский Categories
- book
- cloud
- delphi
- dev
- excel
- food
- foto
- fun
- hpc
- I|T
- linux
- misc
- mobile
- php
- portfolio
- software
- todo
- tricks
- web
Recent Posts
- Using jQuery events for triggering complex UI updates
- Position custom and fancy overlay dialog on Google Maps V3
- Easy way to change FTP directory permissions with LFTP chmod
- Change Mysql root password – The Right Way
- How to run PHP cron tasks without cron available
- Find the latitude and longitude of address using Geocoding API example
- Nginx and Mercurial setup
- I quit Apache and moved to Nginx
- How to merge/mix/combine RSS feeds
- Introduction to HTML5 History API
Archives
- May 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- September 2010
- August 2010
- July 2010
- June 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
February 10th, 2010 - 22:55
god bless you… thanks!
February 24th, 2010 - 03:54
This is a great library!
March 31st, 2010 - 06:03
I tried this and it used to work but now it doesn’t. No change on my end. Is there anything Google could have done to make this stop working?
April 9th, 2010 - 12:52
It seems there are some errors with includes. it includes wrong file. I rewrite it to include files in the current directory. Download updated archive.
Also I installed test on my site:
http://a32.me/other/openid-ga/
April 13th, 2010 - 21:55
Still not working. Can you help me diagnose it? http://scottsdalebible.com/openid-ga/
April 14th, 2010 - 11:30
Your page says 404 not found. Does it work here http://a32.me/other/openid-ga/ on my site ?
April 30th, 2010 - 04:15
Yes, it does work on your site. What file is not found though? All I did was put the openid-ga on my server. Do I need another file in the root? Email me at the address provided if you’d like.
May 6th, 2010 - 09:58
Okay so I have to instances of this setup identically. One works, one doesn’t . Any thoughts?
Here’s my dev site, which works: http://scottsdalebibledev.com/openid-ga/
And my prod site that doesn’t: http://scottsdalebible.com/openid-ga/
May 18th, 2010 - 19:27
Any ideas?
August 4th, 2010 - 08:32
Hello?
August 4th, 2010 - 11:56
is PHP setup the same ? phpinfo() output is the same ? This lib depends on SSL as I remeber.
August 5th, 2010 - 23:22
Here are the two phpinfo outputs:
http://scottsdalebibledev.com/phpinfo.php
http://scottsdalebible.com/phpinfo.php
I don’t understand why it works from one domain but not the other. If you could help me troubleshoot offline that would be great. My email is in this post.
August 21st, 2010 - 13:40
I get “OpenID authentication failed: Nonce already used or out of range”
when Iam trying with the domain dkdelfinen.se
Have you any idea why?
August 22nd, 2010 - 19:54
Hmm… it does not work for my domain too
this means realization is too complex to be reliable. I will take a look why it broke.
September 30th, 2010 - 20:51
Still won’t work?! Are you actively developing this still?
October 1st, 2010 - 09:29
I fixed it, was wrong permissions on TMP dir. It is working fine now http://a32.me/other/openid-ga/
October 2nd, 2010 - 00:24
Well why doesn’t mine work?!
http://scottsdalebible.com/openid-ga/
February 3rd, 2011 - 04:31
But I don’t know if it is usefull to access to google docs for example.
I know that open id is used to access to google apps but I don’t know if it is usefull to access document from other website to include in html…
Is it possibile?
Thks
February 3rd, 2011 - 10:40
For accessing google docs you should use Google Docs API. This OpenID technique is usefule for organizing access to other corporate services using same google apps login everybody in the company has.
February 21st, 2011 - 15:29
Hello!
I want to ask you if you consider updating the library to the latest (2.2.2) version of OpenID PHP Lib and to the latest (1.0.2) version of google discovery php add on to that first library as currently there are tons of issues with PHP5 and especially with 5.3. I’m struggling for 2 days to get GA OpenID discovery work and I think I’m about to succeed, little help would be appreciated by me and other users.
Thank you for your great work!
Dimitar
February 22nd, 2011 - 14:03
Why not, I am trying to get it working with latest versions of libs:
php-openid-apps-discover-1.0.2.zip
openid-php-openid-2.2.2-0-ga287b2d.zip
hope it will work, if not clear verdict, open_id is too complex and sucks.
February 22nd, 2011 - 17:54
You may test it here
http://a32.me/other/ga-open-id/
plz leave your feedback!
November 10th, 2011 - 22:24
Great job.. the library working fine , thank you..