Getting a gmail address with… openid? oauth?

Question

I'm getting confused.

I was able to make openid login kinda work using LightOpenID.

All I get doing that is just an openid_identity such as "https://www.google.com/accounts/o8/id?id=xxx". Pretty disappointing: I was expecting to get the email address too.

i.e. I need to login (that's what openid does) and to know the email address of the google account the user used to login.

There is the function $openid->getAttributes() but all I get from that is just an empty array: I guess google isn't going to give me anything else than that openid_identity.

So I guess I'm supposed to use OAuth, right? I'm clueless about that. I've only found horrible and confused documentation, that either pretends to explain everything (and I do mean everything), or it fails explain anything at all.

Yes, of course I've tried to look at the previous posts about that, just as I did search on google. Read again the above paragraph, please.

Answer 1

I've just discovered LightOpenID and I think it's wonderful. I've managed to get the email address, the first and last name and the prefered language using the following modification of example-gmail.php:

<?php

require_once('openid.php');

if (empty($_GET['openid_mode']))
{
    if (isset($_GET['login']))
    {
        $openid = new LightOpenID();
        $openid->identity = 'https://www.google.com/accounts/o8/id';
        $openid->required = array('namePerson/first', 'namePerson/last', 'contact/email', 'pref/language');

        header('Location: ' . $openid->authUrl());
        //header('Location: ' . str_replace('&amp;', '&', $openid->authUrl()));
    }

    else
    {
        echo '<form action="?login" method="post">' . "\n";
        echo '<button>Login with Google</button>' . "\n";
        echo '</form>' . "\n";
    }
}

else if ($_GET['openid_mode'] == 'cancel')
{
    echo 'User has canceled authentication!';
}

else
{
    $openid = new LightOpenID();

    echo 'User ' . ($openid->validate() ? $_GET['openid_identity'] . ' has ' : 'has not ') . 'logged in.';

    echo '<pre>';
    print_r($openid->getAttributes());
    echo '</pre>';
}

?>

I changed the code to make it a little more readable, the output:

User https://www.google.com/accounts/o8/id?id=*** has logged in.

Array
(
    [namePerson/first] => Alix
    [contact/email] => ***@gmail.com
    [pref/language] => en
    [namePerson/last] => Axel
)

I still can't get the postal code and others from Google but I've had success with myOpenID.com.

Answer 2

You can use OpenID's attribute exchange. See the Google documentation here (in particular, openid.ax.type.email).

Answer 3

OAuth and OpenID are not the same. They solve completely different things. I'm going under the assumption you checked out: Federated Login for Google Account Users it has a bit more explanation on how the accounts work for Google Accounts.

Solutions:

1. This is in Python but you should be able to adjust it accordingly for PHP.
2. This is in .Net - again you should be able to change the AX mode yourself.

Answer 4

Having a Google account doesn't mean you get a gmail account. You can start a Google account with any email address.

Having said that I don't think its part of the spec to return email addresses or login data as part of the identity.