How do I properly implement Net::OpenID::Consumer for Google logins and request the user's email?
https://stackoverflow.com/questions/12609076
-
04-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I've been able to use Net::OpenID::Consumer with success, but when I started requesting the user's email address Google now prompts the user to authorize the sharing of their email address. This happens every single time, regardless of whether the user checks the 'Remember this approval' checkbox. How do I keep Google from prompting the user for approval every time?
Our site's OpenID registration and login paths are the same, otherwise we could only request the email address from Google when the user registers.
I'll try and post enough relevant code (this is a Dancer app).
my $csr = Net::OpenID::Consumer->new(
ua => LWP::UserAgent->new(),
consumer_secret => $secret,
);
my $claimed_identity = $csr->claimed_identity('https://www.google.com/accounts/o8/id');
$claimed_identity->set_extension_args(
"http://openid.net/srv/ax/1.0",
{
'mode' => 'fetch_request',
'type.email' => 'http://axschema.org/contact/email',
'required' => 'email',
});
my $check_url = $claimed_identity->check_url(
return_to => 'http://my.site.com/openid_landing',
trust_root => 'http://my.site.com',
delayed_return => 1,
);
Yahoo doesn't appear to have this problem. I guess this could be an issue on Google's end, but I'm betting it's my code.
Solution
Looking at the Google developers guide it looks like your application URL should match the value of the openid.realm parameter in the OpenID request, for a smooth logon without the authorization page. Having said this, I think you should specify the required_root to match the trust_root, something like-
my $csr = Net::OpenID::Consumer->new(
ua => LWP::UserAgent->new(),
consumer_secret => $secret,
required_root => "http://my.site.com"
);
