[Solar-talk] Gmail and Curl authentication adapters
Paul M Jones
pmjones at solarphp.com
Tue Oct 17 08:55:11 PDT 2006
On Oct 13, 2006, at 8:48 PM, Travis Swicegood wrote:
> I've started my own vendor namespace for contribution to
> Solar, Domain51. Tonight, I've got my first two pieces of code
> committed to my SVN repository:
>
> 1. a Gmail authentication adapater
> 2. a Curl authentication adapter (that the Gmail one extends)
Hey, pretty cool!
> This allows a user to sign-in using their Gmail email address and
> password. The code is quite simple, it checks the Gmail Atom feed
> which
> requires a username and password. If you get a HTTP 200 response
> code,
> you've got the green light from Google. Seeing as how nearly everyone
> has a Gmail account, I'm figuring that it's probably as good of a
> way as
> any to allow user login without having to keep track of all of the
> data
> yourself.
This brings up an interesting issue: the user has to enter his Gmail
credentials on a non-Google site (the "vendor" site). That kind of
thing would make me nervous as an end-user; how can I know the vendor
is not caching the credentials? I'd almost prefer that Google
implement something like OpenID, or TypeKey, or some other single
sign-on system where the credentials are not passed through an
intercessor.
--
Paul M. Jones <http://paul-m-jones.com>
Solar: Simple Object Library and Application Repository
for PHP5. <http://solarphp.com>
Savant: The simple, elegant, and powerful solution for
templates in PHP. <http://phpsavant.com>
More information about the solar-talk
mailing list