[mitreid-connect] make simple-web-app work with google accounts

Justin Richer jricher at mit.edu
Tue Jan 20 08:48:56 EST 2015 

Nope, they were involved at the beginning of development of the protocol 
standard, and much of it was based off of Facebook Connect, but they 
decided to leave the standardization effort not long into the process 
and keep doing their own thing instead. I can't comment as to why they 
would do that, but the result is that they're not running OpenID Connect 
and are incompatible with implementations of it.

  -- Justin

On 1/20/2015 8:43 AM, Rafael Weingartner wrote:
>
> I thought that Facebook was using OpenId Connect, hence they are 
> listed as one of the companies that have helped to develop the protocol.
>
>
> On Tue, Jan 20, 2015 at 11:36 AM, Justin Richer <jricher at mit.edu 
> <mailto:jricher at mit.edu>> wrote:
>
>     It won't work without major rewrites: Facebook doesn't implement
>     OpenID
>     Connect, they have their own proprietary identity protocol, Facebook
>     Connect.
>
>       -- Justin
>
>     On 1/20/2015 8:35 AM, dejw wrote:
>     > Just curious, have anyone of you tried to test the same thing
>     with Facebook?
>     >
>     > Dawid
>     >
>     > On 2015-01-20 13:52, Justin Richer wrote:
>     >> I've added a note to the wiki page that the code only works in
>     the 1.2
>     >> development branch at this time (due to Google's nonce bug).
>     >>
>     >> I haven't done testing against Google personally but I know of
>     several
>     >> who have successfully made it work, the original thread is in
>     the issue
>     >> tracker here:
>     >>
>     >>
>     https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/683
>     >>
>     >>
>     >> Perhaps that will have some notes you can use. If there's
>     anything else
>     >> missing from the wiki page, please help us fix it!
>     >>
>     >>   -- Justin
>     >>
>     >> On 1/19/2015 3:45 PM, dejw wrote:
>     >>> OK I am one step further - it turned out that after upgrading
>     jars i
>     >>> simple-web-app to have support for enableNonce parameter some
>     of it was
>     >>> missing. Another this was that client secret also must be set.
>     Now I do
>     >>> not have the error as previously.
>     >>> For some reason I can't get Google Login form and I get logged in
>     >>> somehow without it but it isn't possible to get user info (what is
>     >>> indeed logical consequence). I have to check why I can't get
>     login form
>     >>> displayed (this step is missing for me now).
>     >>> Have some of you tested it and got the form displayed properly?
>     >>>
>     >>> Best regards,
>     >>> Dawid
>     >>>
>     >>> On 2015-01-18 21:27, dejw wrote:
>     >>>> Hello,
>     >>>>
>     >>>> I tried to reconfigure simple-web-app to make it work with Google
>     >>>> Accounts. I tried to apply this manual:
>     >>>>
>     >>>>
>     https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Sample-Static-Configuration-for-using-Google-Authentication
>     >>>>
>     >>>>
>     >>>> Unfortunately it didn't work for me and I got such error:
>     >>>>
>     >>>> java.lang.NullPointerException
>     >>>>
>     org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService.getClientConfiguration(StaticClientConfigurationService.java:65)
>     >>>>
>     >>>>
>     org.mitre.openid.connect.client.OIDCAuthenticationFilter.handleAuthorizationCodeResponse(OIDCAuthenticationFilter.java:294)
>     >>>>
>     >>>>
>     org.mitre.openid.connect.client.OIDCAuthenticationFilter.attemptAuthentication(OIDCAuthenticationFilter.java:170)
>     >>>>
>     >>>>
>     org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
>     >>>>
>     >>>>
>     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>     >>>>
>     >>>>
>     >>>> It might be my error so I'd like to ask if it is possible to
>     get some
>     >>>> example servlet-context.xml file which worked for anybody?
>     >>>>
>     >>>> Best regards,
>     >>>> Dawid Szejnfeld
>     >>>> _______________________________________________
>     >>>> mitreid-connect mailing list
>     >>>> mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
>     >>>> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
>     >>>>
>     >>> _______________________________________________
>     >>> mitreid-connect mailing list
>     >>> mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
>     >>> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
>     > _______________________________________________
>     > mitreid-connect mailing list
>     > mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
>     > http://mailman.mit.edu/mailman/listinfo/mitreid-connect
>
>     _______________________________________________
>     mitreid-connect mailing list
>     mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
>     http://mailman.mit.edu/mailman/listinfo/mitreid-connect
>
>
>
>
> -- 
> Rafael Weingärtner

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20150120/e3366f85/attachment-0001.htm

More information about the mitreid-connect mailing list