Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

What information do you have to keep about a user to be an OpenID consumer? I wa

ID: 656223 • Letter: W

Question

What information do you have to keep about a user to be an OpenID consumer?

I want to use OpenID to let users register and authenticate on my system. So while I'm at it I want to not duplicate effort, and eliminate unnecessary passwords, etc from being stored.

I assume that besides the user's Profile details, you would need to store a copy of the user's Authentication/ID token from the ID provider as well as the user's ID URI, and a recovery email address in case the ID provider becomes inaccessible or the user wants to link a new ID provider to their account on your system. It also appears that there is a temporary "request" Token used during sign-up and/or during re-authentication, but this is short lived and used once only, so may not need to be stored in the database ever.

Does different ID providers, eg Facebook, Twitter, LinkedIn, Google Connect all provide similar enough authentication tokens that I can simply call the database columns something like "IDProviderToken" and "IDProviderURI", or do I need data specific to Facebook/Google/etc ?

Explanation / Answer

What you keep about the user is your own decision. The most basic implementation is keeping a user ID (the one received from the open ID provider) and the token you receive from the open ID provider (which includes access token, expiration and refresh token). whatever you wish to keep beyond that is up to you.

As much as I know every openid connect provider must respond with the same data structure... that is part of the protocol, but openid has three versions: 1.0, 2.0 and connect

Some examples of providers: Google and Microsoft Azure now use openid connect for their openid services. Yahoo uses openid 2.0 You mentioned Facebook - they are not an openid provider, they have their own unique protocol

Related Questions

What if Scenario It seems there are never enough hours in the day for you to get
Question #1133218
What if a holographic storage drive were invented? Suppose that a holographic dr
Question #3541536
What if a policy maker comes along with data that shows that school absenteeism
Question #3467051
What if a single bacterium landed in a nutrient filled test tube at 10:00 am? Si
Question #3411510
What if c++ had no built in facility for 2D array? It is possible to emulate the
Question #3624951
What if courses vary in length. When you sign up, you don\'t know how long a cou
Question #417297
What if government decide to decrease the use of post mail in order to save tree
Question #1198591
What if human vision were augmented to include an additional 100 nm on either th
Question #2307199
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
What information do I need to consider when doing an income statement and the fo
Next
What information do you need to create a project scope a. Project charter and re

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.