What exactly will happen with Google OpenId Connect with OpenID 2.0 on January 1, 2017?

Question

What exactly will happen with Google OpenId Connect with OpenID 2.0 on January 1, 2017?

According to the Google OpenID 2.0 Migration Schedule , "matching OpenID 2.0 identifiers with OAuth 2.0 identifiers will continue to work until January 1, 2017."

It is not clear from the documentation at what stage this transition will be made. Will request the scope: "openid" or openid.realm: "something" starts to return an error? Or will the old openid value simply not be present in the response? The Google OpenId Connect Documentation still uses the request values in its OpenID Connect authentication URI example.

Does anyone have a better understanding of exactly how this happens? Our approach is to abandon openid scope and openid.realm, but we are trying to gain more confidence in the exact form of the change.

+5

openid google-oauth google-oauth2 openid-connect

Bret Dec 22 '16 at 15:26

source share

1 answer

William denniss · Accepted Answer · 2016-12-22T21:15:56+0000

The scope of openid relates to OpenID Connect, not OpenID 2.0 (this is confusing, I agree ...). OpenID Connect is fully supported and does not go away, so the openid is still fully supported.

Passing the openid.realm parameter after display rejection will not return an error , it is just that the old openid value may not be in the response. Therefore, you should develop your service in order to competently handle the case when the response does not have OpenID 2.0 value.

What exactly will happen with Google OpenId Connect with OpenID 2.0 on January 1, 2017?

More articles: