How to uniquely identify someone in oAuth

Question

I'm currently creating a web app using Google's oAuth. I was wondering how I can uniquely identify an authenticated user so I don't accidentally add duplicates.

Answer 1

I am currently using OAuth exclusively and I am requesting the https://www.googleapis.com/auth/userinfo#email scope as described on http://sites.google.com/site/oauthgoog/Home/emaildisplayscope to get the email address of the authenticated user. I am using the email address to uniquely identify the user. This should be good enough for now.

Edited:

According to a recent Google developer comment (https://groups.google.com/group/oauth2-dev/browse_thread/thread/cf5c137f872f9932), they are currently working on this problem, but for anything production ready, you should use OpenID authentication.

Answer 2

The best way to do this would be to use OpenID with the oAuth extension (aka hybrid).

Answer 3

Doesn't Google give you other unique params like user name or user ID?

For example, Twitter and Facebook, give you user name and a unique url that identifies user's profile picture. If you save that params on server-side you can identify user next time that he comes on your site.

Answer 4

You should save somewhere the user_id you have for your users in your site, along with the corresponding access_token and access_token_secret.

Then you can query that table (or wherever you save that information) with the user_id and obtain the proper tokens

Regards