Google now allows users to sign up for multiple Google accounts at once. However, I donβt think that Google accounts have their own unique OpenID identifier URLs (itβs the same for everyone: https://www.google.com/accounts/o8/id ).
This is a small issue. Let's say a user logs into two Google accounts: A and B. However, he only has an account on my site for B. I have no real guarantee that when he clicks my OpenID link, it will authenticate with B instead of A ... all I can do is see the result, and if it were A, give the user a confused error message that says: βYou seem to be logged in to your Google A account, please log outβ .
Is there a better solution?
source
share