Google Authentication for Web Applications

Web applications that need to access services protected by a user's Google or Google Apps (hosted) account can do so using the Google Authentication service. This service lets web applications get access without ever handling their users' account login information. Many but not all Google services support the Authentication service; check first with the service you want to access.

Google offers two libraries for handling authentication: one using the OAuth open standard, and a second interface called AuthSub, developed prior to the release of the OAuth standard. This module implements the AuthSub interface.

Factors to keep in mind when choosing between OAuth and AuthSub authentication:

• Read More about OAuth - Universality: If your application will need authentication from other service providers as well as Google (assuming those providers support OAuth), use OAuth to avoid having to set up multiple authentication mechanisms.
• Read More about AuthSub - Security: AuthSub allows for registered and unregistered access, offering several options with regard to security requirements. OAuth requires web applications to register with Google and sign all requests.
• Read more about registering your web application with Google.

The basic usage of this module requires you to include a call to google_auth_required() with the URL identifying the service(s) to be accessed. Here is an example of how to use it to authenticate with the Picasa service from Google:

Dev version

function picasa_dostuff() {
  $google_auth->scope = 'http://picasaweb.google.com/data/';
  $google_auth->redirect = '<front>';

  // Require the user to be authenticated with google
  google_auth_required($google_auth);

  /* do stuff that required the user to be authenticated */
}

Current release

function picasa_dostuff() {
  // Require the user to be authenticated with google
  google_auth_required('http://picasaweb.google.com/data/'); 

  /* do stuff that required the user to be authenticated */
}