I’ve been able to use Net::OpenID::Consumer with success, but when I started requesting the user’s email address Google now prompts the user to authorize the sharing of their email address. This happens every single time, regardless of whether the user checks the ‘Remember this approval’ checkbox. How do I keep Google from prompting the user for approval every time?
Our site’s OpenID registration and login paths are the same, otherwise we could only request the email address from Google when the user registers.
I’ll try and post enough relevant code (this is a Dancer app).
my $csr = Net::OpenID::Consumer->new(
ua => LWP::UserAgent->new(),
consumer_secret => $secret,
);
my $claimed_identity = $csr->claimed_identity('https://www.google.com/accounts/o8/id');
$claimed_identity->set_extension_args(
"http://openid.net/srv/ax/1.0",
{
'mode' => 'fetch_request',
'type.email' => 'http://axschema.org/contact/email',
'required' => 'email',
});
my $check_url = $claimed_identity->check_url(
return_to => 'http://my.site.com/openid_landing',
trust_root => 'http://my.site.com',
delayed_return => 1,
);
Yahoo doesn’t appear to have this problem. I guess this could be an issue on Google’s end, but I’m betting it’s my code.
Looking at the Google developers guide it looks like your application URL should match the value of the
openid.realmparameter in the OpenID request, for a smooth logon without the authorization page. Having said this, I think you should specify therequired_rootto match thetrust_root, something like-