1Feb/1023

Google Apps Premier federated login with PHP

Google supports OpenID authentication or behaves as openid identity provider, using Google Apps accounts. Basically it means, user can use GA credentials to sign in into different services. This is especially useful for companies to unite other internal services with Google Apps single sign-in point. This is related to Standard edition as well.

I have got it working for PHP. Here is the story.

Having spent about 3 hours to get it work, I do not consider OpenID simple protocol that will conquer the Net soon. Why it shouldn't be as simple as adding Paypal payment to a site ?

Nevertheless, I make working sample. I used php-openid-2.1.3.zip quite standard OpenId library and php-openid-apps-discover.tar.gz helper for Google Apps.

It does not need any installation, just make "tmp" directory writable. Do not test it using local apache, upload somewhere to the web.

Note: The Federated Login Service is disabled by default for Google Apps Premier and Education Editions. The domain admin can enable it from the Control Panel at http://www.google.com/a/cpanel/<your-domain>/SetupIdp.

Test here

Download library

UPDATE!! Please look a this post for an updated libraries and example code

.

Did you find this post useful? Click +1 below

My Google Profile+
Filed under: I|T Leave a comment
Comments (23) Trackbacks (0)
  1. god bless you… thanks!

  2. This is a great library!

  3. I tried this and it used to work but now it doesn’t. No change on my end. Is there anything Google could have done to make this stop working?

  4. It seems there are some errors with includes. it includes wrong file. I rewrite it to include files in the current directory. Download updated archive.

    Also I installed test on my site:
    http://a32.me/other/openid-ga/

  5. Still not working. Can you help me diagnose it? http://scottsdalebible.com/openid-ga/

  6. Your page says 404 not found. Does it work here http://a32.me/other/openid-ga/ on my site ?

  7. Yes, it does work on your site. What file is not found though? All I did was put the openid-ga on my server. Do I need another file in the root? Email me at the address provided if you’d like.

  8. Okay so I have to instances of this setup identically. One works, one doesn’t . Any thoughts?

    Here’s my dev site, which works: http://scottsdalebibledev.com/openid-ga/

    And my prod site that doesn’t: http://scottsdalebible.com/openid-ga/

  9. Any ideas?

  10. is PHP setup the same ? phpinfo() output is the same ? This lib depends on SSL as I remeber.

  11. Here are the two phpinfo outputs:

    http://scottsdalebibledev.com/phpinfo.php
    http://scottsdalebible.com/phpinfo.php

    I don’t understand why it works from one domain but not the other. If you could help me troubleshoot offline that would be great. My email is in this post.

  12. I get “OpenID authentication failed: Nonce already used or out of range”
    when Iam trying with the domain dkdelfinen.se
    Have you any idea why?

  13. Hmm… it does not work for my domain too :( this means realization is too complex to be reliable. I will take a look why it broke.

  14. Still won’t work?! Are you actively developing this still?

  15. I fixed it, was wrong permissions on TMP dir. It is working fine now http://a32.me/other/openid-ga/

  16. But I don’t know if it is usefull to access to google docs for example.

    I know that open id is used to access to google apps but I don’t know if it is usefull to access document from other website to include in html…

    Is it possibile?

    Thks

  17. For accessing google docs you should use Google Docs API. This OpenID technique is usefule for organizing access to other corporate services using same google apps login everybody in the company has.

  18. Hello!

    I want to ask you if you consider updating the library to the latest (2.2.2) version of OpenID PHP Lib and to the latest (1.0.2) version of google discovery php add on to that first library as currently there are tons of issues with PHP5 and especially with 5.3. I’m struggling for 2 days to get GA OpenID discovery work and I think I’m about to succeed, little help would be appreciated by me and other users.

    Thank you for your great work!
    Dimitar

  19. Why not, I am trying to get it working with latest versions of libs:
    php-openid-apps-discover-1.0.2.zip
    openid-php-openid-2.2.2-0-ga287b2d.zip

    hope it will work, if not clear verdict, open_id is too complex and sucks.

  20. Great job.. the library working fine , thank you..


Leave a comment

Spam protection by WP Captcha-Free

No trackbacks yet.