This question has been flagged
2 Replies
11754 Views

Trying to get google apps login via Oauth working.

What is the link between a user and a google user in OpenERP? Is it the login field, or the email field?

Thanks.

Avatar
Discard

Are you still looking for an answer to this?

Author

I am. I saw a bug on launchpad which looked like it might be relevant. Haven't tried the latest nightly yet.

Am I right that you want to enable Google managed logins for existing users who are currently logging in with UID/PWD?

Author

Indeed.

May I suggest a better question, "How can I offer Google OAuth login to existing UID/PWD users?

Best Answer

Hi Thenon,

I'm pretty sure I have the answer for you.

http://www.youtube.com/watch?v=qCRCJgAiJmU&list=PLq7op4J183lX44ZlXPiHxUpRvmmRDtxye

Please have a look at this video and let me know if I missed anything. I'm still thinking about how to do it in bulk (100s of users)

The 2nd video in the series shows someone signing up to OpenERP using their Google account, and becoming a new user of the system. See minute 01:39 through to 02:00.

The URL for that is : http://www.youtube.com/watch?v=RHOjSJoXad0

Avatar
Discard
Author

Your video shows users signing themselves up. I don't want that, as its a closed environment - all the users are already have google apps accounts. I want to create OE accounts, and link them to the google apps accounts so they can log in with their google credentials.

The point of the video is that "password change" emails, sent to users contain a special link that gives them the opportunity to stop using UID/PWD authentication and start using Google authentication.

Author

I don't want them to EVER have a username and password. That's the entire point of single sign on, federated credentials. I now see that the title you suggested for this question is in fact misleading, I'll change back to what I had originally.

I have updated my answer to respond to that.

Author

Thanks Martin, appreciate the answers etc. but I think something is being missed here. If you see my earlier comment, I do not want people to be able to sign up with any account they have. I have a big organisation. Only some of them must be on OE. I want to create OE accounts, and then just link them (like for example, via email address or some other oauth token) to their google accounts. So they don't create an account. I do. Then they're linked. And then they can log in.

But . . . you do know that you can create an account for them in OE and send them the invitation email, yes? If so, then you are really asking how to block password use, right? An easy way to do that would be to have a cron job run an update on the user table setting all passwords to a random sequence every hour or so. You can alter the invitation email to inform your users that you will not permit passwords to be used. That's done in Settings | Technical | Email | Templates -- record named "Reset Password".

Best Answer

It is the "OAuth User ID" field in the user form.

Avatar
Discard
Author

Can't see any such field anywhere unfortunately. I have technical options enabled.

do you have the auth_oauth module enabled?

Author

I do yes - I've filled in my google oauth details within the setup page. If I log out, there is a login with google button.