Is there any way to retrieve a user's email address after authenticating with Yesod's OpenId implementation?
In my test app, the redirection and authentication occur correctly, and maybeAuthId gives me an id to the corresponding entry in my database. However, that identity is stored as a URL.
I can work with this, but it'd be nice to also get the actual email used to authenticate as other OpenId packages allow. Is this possible with Yesod's OpenId? Is there something I can do with authOpenIdExtended (unclear how to use it)?
After looking into this again, I found an answer:
First, we need to use authOpenIdExtended with the right parameters:
authPlugins _ = [authOpenIdExtended [("openid.ns.ax", "http://openid.net/srv/ax/1.0"),
("openid.ax.mode", "fetch_request"),
("openid.ax.type.email", "http://axschema.org/contact/email"),
("openid.ax.required", "email")
]]
I found these values from this page: https://developers.google.com/accounts/docs/OpenID and verified them to work with Google and Yahoo.
Then, to use our retrieved email address, we call "credsExtra creds" on the creds parameter passed to getAuthId. This gives us a list of tuples containing the response from the OpenId provider. When using the parameters above to authOpenIdExtended we find our email in the key/value tuples with the values "openid.ax.value.email" (for Yahoo) or "openid.ext1.value.email" (for Google). I was expecting Google to also use the "openid.ax.value.email" key, but close enough.
I hope this helps someone.