Login/signup to Commons site with Google/Facebook account

Updated summary with the list of available modules.

I prefer uniformed, one to rule them all, general OAuth Connector approach. ;)

I think a general OAuth approach is much better, especially because I consider tight LinkedIn integration a logical extension for Commons.

+1 for general oauth solution. This will facilitate corporate SSO login capabilities. If folks want facebook connect they can add that as an alternative.

FYI, I'm trying to get oauthconnector working with google now. The registration/login is working but username/email are not transferring properly. Hopefully I can report success soon. Folks interested in LinkedIn, Twitter, and Facebook will need to experiment with those separately.

oauthconnector feels like the best idea to me given that it would require supporting just one stack of modules. However, the installed base of oauthconnector is relatively small compared to some of the others. Like Moshe said it seems like this needs a lot of testing and feedback from people who are using it.

Knowing that the planned release of a beta is in July and that folks can easily add in a Facebook Connect module if they choose to, does implementing the generic solution represent a barrier?

I think it is likely that the Facebook Connect has a larger user base because a lot of site builders probably got a higher-ranked search result for it because they typed in "Facebook Connect". My point being that the smaller user base may not be because the oauth module isn't good.

The other slippery slope here is that folks put in Facebook/Google because they're the big ones. What happens when they next want to login to Tumblr or Pinterest or Foursquare ( etc )? Module sprawl seems imminent. It's much easier to add a module to an existing distro than to take it out.

And yes, I am antsy. I've been waiting for Commons for a long time and I'm super excited that it's finally happening! So thank you bunches for working on this!

FWIW: quite interesting sprint / wiki page: Abstracting Social Networking functionality in Drupal, and maybe relevant comment / module: OAuth API?

We have 5+ general oauth connector recommendations. Marking RTBC since consensus seems to be go general.

JFTR (maybe offtopic): http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/

I saw that. The article would be way funnier if it wasn't so sad. We've been reading up a lot on SSO solutions lately. The problem is that it appears there is very little standardization to Oauth 2.0 and it is very easy to say you're compliant while still needing some very specific stuff to integrate.

I'm torn on this one. Usually a general solution would be a slam-dunk but Facebook is still using an older draft version of Oauth and several in the tech industry don't think they'll have a reason to upgrade to the full solution.

Google Apps actually offers integration for SAML as well, which is great for enterprise but makes the whole discussion murkier. https://developers.google.com/google-apps/sso/saml_reference_implementation

Hi All,
Has any one looked into how Janrain Engage works as SSO and Social sharing? I was/am using it on my D6 site. Users can create accounts on sign in using many different 3rd parties. I like the idea of it all being in Commons (6x 2.0 update to to 2.5 hid the share button for the Engage module) as to reduce module conflicts in updates, but may solve some early issues in MVP.

BTW, I am not a Drupal genius by any stretch, so sorry if this is wrong post to add. Just trying to help if possible. I am just very excited about 3x.

That would offer a means to a solution. Some thoughts:

1. It would need to be easily turned off because corporate intranets most likely aren't going to allow social logins.
2. This is a paid product. The idea is good but Commons out of the box should not require folks to subscribe for a paid service. Mollom is a paid service too, but it has a free level up to x number of hits.

It took a bit to find, but Janrain Engage (the social login product) is free for up to X users per month: http://janrain.com/products/engage/engage-pricing/

Yet another idea is to use BrowserID - http://drupal.org/project/browserid - which seems great but is not widely supported yet.

Social sharing on Janrain has a disable feature.

Sorry, ezra-g, I'm confused by the statement that there's not a need to create another issue? Not objecting, just not sure what you meant.

I agree on the Oauth Connector path. From looking at the project page, that looks like it will do what is listed in the prototype?

Are there any considerations regarding the PHP cURL requirement for Oauth Connector?

I was surprised during the install, since I consider my dev environment pretty extensive, but could it possibly shy some admins away from Commons in any way? Should it at least be listed as a 3rd party requirement somewhere?

Um, it should be listed, but I would assume that logging in with the Facebook module would require curl as well for a backend page call? Should probably include a readme or a help explaining how they can disable the module if they don't want to use that functionality.

@achton: I was also surprised because I thought that PHP cURL library is must have on LAMP and that I installed it once...but, as VPS will probably be recommended for running Commons, in that case one simple apt-get install php5-curl command will solve this issue.

Nevertheless, definitely worth mentioning in #1660910: Define Commons 7.x-3.x system requirements and #1704202: Commons 3.x documentation.

Is Acquia Managed Cloud equipped to support this?

@ezra

Making oAuth optional is the way to go

Hi, I'm sure it's a little late for new suggestions, but I was wondering if this current solution could easily be replaced? I was looking at HybridAuth Social Sign-on. The maintainer of Ulogin module is now a maintainer of the Hybridauth module, so it should have support.

Hybridauth allows to get and update status on multiple networks as well as login, are there plans to implement something similar with Commons?
~Thanks
Edit: I finally got around to looking at the Oauth Connector that comes with commons and it answered my question. It looks promising.

It looks like OAuthConnector has been motioned, seconded, and carried.

Facebook fails login to site with the message below.
"Authorization finished
The application has been authorized"

Twitter Connect works and logs you into the site. Both are configured through the connections tab on user profile.

Tested with:

• centOS
• FF & IE
• PHP 5.3.17
• mySQL 5.5.27-cll
• Apache/2.2.23

Is there an example module in the plans for this? The only documentation I'm finding is how to sync the profile with Oauth Connector and nothing on publishing content with it. I know that docs will possibly be here one day, but what is the closest document or project that I can look at that might help me understand how to use Oauth connector in more useful ways?
~thanks

Edit: I looked at the code and I see that there is a function available that should be pretty easy to use.
/**
* Endpoint Call.
*
* Use this to post on twitter, get a profile, search in Facebook... and many more.
* You need a $provider, and a access token, that is it... supports both oauth and oauth2.
*/

Tough call, the current solution I believe has much more promise, but it seems like a project that you might more and likely have to take on and put way too much into. Drupal for Facebook(DFF )is a serious Drupal project, and if you want to talk Facebook, that is your premiere project to do it with afaik. Might be overkill to include DFF, but it would go nice with Drupal Specifics if you decide to go such a route. :)

With the Oauth Connector I like the idea to be able to craft my own solutions as needed, but I also would like the idea of an even tighter integration with Facebook. However, the latter doesn't seem as common an idea as the former, so it's your call.

I know that we can count on you for a lot of things, but we can't count on you for everything, so picking whichever project that has the best support helps ease all our troubles.

Well, from looking at the above screenshot you're all set--unless you need more functionality. I just easily added Meetup as a sign up option, so Oauth connector is probably going to be one of your better choices to allow that type of flexibility.

I should mention I couple projects I do like, but they are in sandbox, so not quite ready for prime time.
Social Space, FB Poster

One question: why we don't use http://drupal.org/project/hybridauth for example? I think it really useful. I've used it for several projects. It works with many providers and it's easy to add one more if you need something custom.

@CryAngel, that really is a good question which was suggested on #25. I think they might be looking for something lighter, but I could be mistaken. That might be an even better idea if you consider some existing issues and a new issue that I just posted. Ymmv

• Publish official site content to external sites
• Social sharing links
• Activity Wall - Post statuses + Message Comments and Likes
• Improved anonymous user permissions
• Default values for social profile fields shouldn't be populated until user enters data into the field
• G+ like circle solution?
• See a list of suggested people to follow based on Twitter, Facebook
• Require e-mail verification when a visitor creates an account
• Google Docs/Drive integration
• Improvements to user profile/account settings form
• Add user's upcoming events view to profile pages
• This issue

Does this mean OAuth will work seamlessly with Commons now?

I haven't had a chance to play with it in awhile, but I was wondering the same thing now that they switched to using the e-mail field for login. I'm not sure what you mean by seamless? I did have some of the social services working, but not like in the prototype screenshot.

I setup the Oauth modules that are included in Commons. There is no documentation on setting them up, so it takes a fair amount of time and trial and error. I haven't figured out how to manually share a users profile pic with commons so they have an avatar at login. Also, I can't figure out how to get the login links to show up on the login or registration form. Anybody had any success or know of documentation?

Hi, Is Oauth setting up the same as setting it up for twitter? There is lots of info about. Or is it different. If so, may be you can volunteer to make the documentation because you already did it!
Greetings, Martijn

When you get to the settings page for oauth connector you have a few options for common systems like Twitter, Facebook, LinkedIn and Google. Selecting one will fill in the values automatically, but it is unclear how to map any fields like the profile picture. Other modules like Janrain engage or Facebook Oauth http://drupal.org/project/fboauth do this out of the box. I still haven't figured it out, and I still have no idea how to get the options to show up on the login or signup page.

Hmmm.. I'm with Jason on this. I've been fiddling with this for an hour or two now, and I cannot get it to cooperate. If anyone has been able to get this working I'd love some pointers..

Thanks, Johnny

Kickstart was in the same boat.
We are using OAuthConnector, and we haven't had many complaints.
Our screencast is also a good resource: http://www.drupalcommerce.org/blog/4571/kickstart-tip-1-social-logins-ma...

On the other hand, the module is pretty unmaintained.
jsacksick and myself just got commit access and committed the patches we used inside Kickstart, and we can do quick fixes (especially if you provide the patch), but I think that any bigger work would require a rewrite (or bigger cleanup), for which we have no resources. Just a gut feeling.

The oauthconnector module will need love indeed, including figuring out account sync. I'd give this a good week, if not 7-10days of getting it built out, tested on each of the providers (fb, google, linkedin, twitter), syncing changes from the social media provider, and adding social media to users who already exist on the site.

The only thing that seems to work right now is authentication, all other profile data doesn't work, and there is an issue for it on d.o: http://drupal.org/node/1503258 (which from my reasearch shows as needs work, not review, the last comment doesn't make much sense to me)

List of available modules.

this is well maintained:

http://drupal.org/project/hybridauth

As I originally mentioned back in #25 it would probably help tackle the list of issues I mentioned in #35.

I really like hybridauth. +1 on that!

I like that it abstracts all of the social media networks into a php library, even further than what other modules do (which just abstract the social networks into an API for drupal)

The advantage to this is we get every php project using this module to commit changes, which I think will lead to less broken code. It seems that making social media work with login is a practice in the dark arts, mainly because they make API changes and drupal modules don't follow quick enough. My hope is that hybridauth, since its more widely supported outside of drupal, will be quicker to make sure outside changes are reflected in the library.

I'm using it and it seems to work well.

my issue is that I am also using drupal for facebook so I'd like to integrate the two.

Although I haven't had a chance to fully check it out, I've been using the Facebook Autopost. Drupal for Facebook seems to be a solid project, but this one just seemed like it would be easier and lighter to integrate into Commons and possibly with HybridAuth.

I like the potential of hybridauth very much! a few things though..

1) I don't see any place to do good profile <-> provider sync. Although the hybridauth module provides tokens to do such a thing, it'd probably be pretty easy to add in the config.

2) not exactly sure how exportable the default configuration is. there isn't a specific hybridauth ctools exportable.

3) We will need to get the library white-listed into d.o to package it.

4) will need to add it somehow into our login widgets. It doesn't happen automatically.

But these three things are fairly minor. The out-of-the-box experience is pretty awesome!

I'm actually needing this as well for my Commons install.

Any updates on when we can expect it ?

Hey guys!

I'm the author and maintainer of HybridAuth 2.x branches. And I'd love to give you any support you might need to make HybridAuth into Drupal Commons - don't hesitate to create any issues you need my help with, I will try my best to help you out.

1) I don't see any place to do good profile <-> provider sync. Although the hybridauth module provides tokens to do such a thing, it'd probably be pretty easy to add in the config.

It seems like I don't fully understand the scope of the required feature... the decision with HybridAuth was to use Rules module to get information from auth providers into profile fields. But any way it is not a synchronization process, it is one way only - from auth provider to profile fields.

2) not exactly sure how exportable the default configuration is. there isn't a specific hybridauth ctools exportable.

The default configuration is just variables... so it should be transferable using Strongarm + Features. If you need smth else - let's discuss it in a new issue for HybridAuth project.

3) We will need to get the library white-listed into d.o to package it.

This one looks unlikely to happen... #1986810: HybridAuth library on packaging whitelist I have plans to add drush integration to download the library, but didn't make it yet (if it helps at all with this point)

4) will need to add it somehow into our login widgets. It doesn't happen automatically.

What are these login widgets you refer to? HybridAuth module has settings to add its widget to the default Drupal login/registration forms/blocks. And HybridAuth widget is a FormsAPI element so there shouldn't be any issues to add it to any renderable array.

Once again, will be happy to see you in HybridAuth issue queue ;) It is quite active and the module gets commits and new features.

Thanks
AndyB

Wondering if there is any news on this? Will HybridAuth be part of a future DC update?

I am asking because we need this in a project but before implementing a custom solution myself it would be good to know what direction the maintainers are thinking of.

Best,
Gerben

@Gerben Zaagsma

I implemented HybridAuth in a Drupal Commons a few months ago without any problems.

I even asked some new features in the HybridAuth module and duozersk delivered them and was really helpful.

I agree with you that knowing what the mainteners have in mind would be better, but doing it yourself is really as easy as installing the module so don't hesitate to try it!

Thanks for this @Growiel, very good to know it is so easy, will give it a try!

Adding drupal for fb

I would like to try the oAuth but can you then also get the users connections? so that he can see which of his friends are already authenticated and have a profile on the drupal site?

Added HybridAuth to the list to consider

GITkit (gconnect) seems inoperative at this point: https://www.drupal.org/node/2118343

looking for a new f4ree alternative for drupal 6

Hybridauth rocks! I use it on all my sites already...

Hybridauth rocks and has a massive dev base at https://github.com/hybridauth/hybridauth! I use it on all my sites already...

@giorgio79, comment#63 Hi, could you please let me know which all login providers on the "HybridAuth social login" is paid service. Why I am asking this is, because I was trying the HybridAuth on the development site and for the Google, in their instruction, they asked to go to google APIs page and create a project and asked to add Contacts API and Google+ API. Now the main page is stating the Free 60 day trial and there is no instruction what after that. Now, I am not getting that whether this service is chargeable or not, and if then how much and same way which all other are paid service. Since you are using on your sites, you would have much better idea, how this all works. Very very Thanks.