8

I decided to look into using Google Identity Toolkit. I knew I liked the UI, and the idea of using a "federated" login system. I'm now having my doubts, as while my site works well with gmail/ymail/hotmail etc, it doesn't seem to support any of the social platforms.

Essentially, I just need an email address from people to be registered with the site, so I thought GITKit was the perfect solution.

Should I have gone down a custom route (like stackoverflow?), or have I missed some of the GITKit documentation?

Any help would be much appreciated.

dazbradbury
  • 5,729
  • 5
  • 34
  • 38

2 Answers2

6

I did do a fair amount of googling prior to posting that question. However, I have come accross some answers. Rather than delete my post - I guess I should share the information. If others thought the information was clear, please delete this thread!

Firstly, there is a page identifying how to add custom IDP's: https://sites.google.com/site/gitooldocs/customidps

There is also a sample site (http://www.openidsamplestore.com/localmapping/) which uses facebook.

How does the advanced demo work for identity providers who are not E-mail providers, such as social networks?

The hardest part about designing the advanced site was to find a way to handle all the edge-cases that can happen with these types of identity providers. Google previously published a summary of best-practices for account-linking that describes why these types of identity providers are so much harder to support. However this demo provides a user self-service mechanism for all the tricky cases to avoid the costs that a website might otherwise occur if those users contact a customer support representative.

Finally, a best practices run-down is available here:

https://sites.google.com/site/oauthgoog/UXFedLogin/loginlogic

EDIT 1 :

If that identity provider asserts email addresses that it does not host, we suggest you also implement additional account linking logic.

A future version of GITKit will add support for these type of identity providers, such as social networks, which will avoid the need to implement that logic

Perhaps GITKit is the future after-all... Would be nice to have an idea of the time-frame in which this support will be added though...

EDIT 2 :

Direct from the horses mouth (Eric Sachs @ Google - Source Link):

That feature is not expected to be generally available in 2011. We are shooting for Q1 2012

Community
  • 1
  • 1
dazbradbury
  • 5,729
  • 5
  • 34
  • 38
  • 1
    Thanks for presenting this issue. I'm trying myself. Can you throw up any JSFiddle or github code, that describes how you tackled these issues? : **i)** How IDP auth, fits into your data model & how you implemented the callbackURL ; **ii)** What's the data and how's the session state managed by GITkit? ; **iii)** Is there a way to set this up the 'callbackURL' for development? The IDP needs a URL that it can redirect back to ; **iv)** How does GITkit / Account Chooser workflow let users register an account that's native to your app? ; Thanks in advance – Nutritioustim Dec 11 '11 at 22:06
  • 1
    @Frye - For more general queries, the GITKit google group is monitored by Google Employees. It seems your answers have been addressed here: https://groups.google.com/d/msg/google-identity-toolkit/2mRCtg_scRc/xo5mcSpiFo0J For setting up GITKit in .Net MVC, there is a decent guide here: http://havethunk.wordpress.com/2011/08/10/google-identity-toolkit-asp-net-mvc3/ Hope that helps! – dazbradbury Dec 13 '11 at 00:06
  • Yes indeed. I'm going on that reply. Thanks for the feedback 'dazbradbury'. Cheers. – Nutritioustim Dec 13 '11 at 18:24
  • the link https://sites.google.com/site/gitooldocs/customidps asks for requesting access. – botbot May 12 '16 at 00:29
  • ok now i realize most of these links are busted in this answer and seems kinda dated – botbot May 12 '16 at 00:30
1

Looks like someone got it working back in Dec 2011 but there is still an outstanding issue with mapping the id returned to an email address. It was probably resolved: https://groups.google.com/forum/#!searchin/google-identity-toolkit/facebook/google-identity-toolkit/2218yW4zXw8/28X7btJEh_sJ

Here is the documentation for the sample store including brief info on basic, mobile and advanced mode (using facebook): https://sites.google.com/site/oauthgoog/Home/openidsamplesite

An out-of-the-box IDP for facebook and twitter has not yet been released.

Bob
  • 11
  • 1