<div><meta charset="utf-8">>> So =ritou / @ritou / Ryo Ito has implemented a sample OpenID Connect RP for the Google. </div><div><br></div><div>I can't tell if it works yet.  Below is what I see after I try to login and it looks like it is failing<br>
<meta charset="utf-8"><h1 style="font-family: Times; font-size: medium; "><br></h1><h1 style="font-family: Times; font-size: medium; ">OpenID Connect Sample RP</h1><span class="Apple-style-span" style="font-family: Times; font-size: medium; "></span><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre>
This is OpenID Connect Sample RP  using Google(OP).
Flow : Authorization Code Flow

Google's sample RP and Document : <a href="http://oauthssodemo.appspot.com/step/1" target="_blank">http://oauthssodemo.appspot.com/step/1</a>
        </pre></span><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><a href="http://www8322u.sakura.ne.jp/oidconnect/">Reload</a></span><span class="Apple-style-span" style="font-family: Times; font-size: medium; "> </span><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><a href="http://www8322u.sakura.ne.jp/oidconnect/?refresh=1">Access Token Refresh</a></span><span class="Apple-style-span" style="font-family: Times; font-size: medium; "> </span><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><a href="http://www8322u.sakura.ne.jp/oidconnect/?clear=1">Restart</a></span><h2 style="font-family: Times; font-size: medium; ">
Obtain Access Token</h2><h3 style="font-family: Times; font-size: medium; ">Request :</h3><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre></pre></span><h3 style="font-family: Times; font-size: medium; ">
Response :</h3><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre></pre></span><h2 style="font-family: Times; font-size: medium; ">Token Info Endpoint</h2><h3 style="font-family: Times; font-size: medium; ">
Request :</h3><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre>GET /o/oauth2/tokeninfo?access_token= HTTP/1.1
User-Agent: OpenID Connect Sample RP v0.0.1
Host: <a href="http://accounts.google.com">accounts.google.com</a>
Accept: */*

</pre></span><h3 style="font-family: Times; font-size: medium; ">Response :</h3><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre>HTTP/1.1 400 Either access_token or id_token should be specified by client, not both
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Mon, 18 Jul 2011 15:12:14 GMT
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Transfer-Encoding: chunked

<HTML>
<HEAD>
<TITLE>Either access_token or id_token should be specified by client, not both</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Either access_token or id_token should be specified by client, not both</H1>
<H2>Error 400</H2>
</BODY>
</HTML>
</pre></span><h2 style="font-family: Times; font-size: medium; ">Resource Access</h2><h3 style="font-family: Times; font-size: medium; ">Request :</h3><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre>
GET /oauth2/v1/userinfo?access_token= HTTP/1.1
User-Agent: OpenID Connect Sample RP v0.0.1
Host: <a href="http://www.googleapis.com">www.googleapis.com</a>
Accept: */*

</pre></span><h3 style="font-family: Times; font-size: medium; ">Response :</h3><span class="Apple-style-span" style="font-family: Times; font-size: medium; "><pre>HTTP/1.1 401 Unauthorized
WWW-Authenticate: GoogleLogin realm="<a href="https://www.google.com/accounts/ClientLogin">https://www.google.com/accounts/ClientLogin</a>", service="lso"
Content-Type: application/json; charset=UTF-8
Date: Mon, 18 Jul 2011 15:12:16 GMT
Expires: Mon, 18 Jul 2011 15:12:16 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Transfer-Encoding: chunked

{
 "error": {
  "errors": [
   {
    "domain": "com.google.auth",
    "reason": "invalidAuthentication",
    "message": "invalid header",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "invalid header"
 }
}
</pre></span><hr style="font-family: Times; font-size: medium; "><small class="copytight">© 2011 <a href="http://d.hatena.ne.jp/ritou">ritou</a></small></div>