Lost in o auth? learn velruse and get your life back
Upcoming SlideShare
Loading in...5
×
 

Lost in o auth? learn velruse and get your life back

on

  • 1,353 views

 

Statistics

Views

Total Views
1,353
Views on SlideShare
1,216
Embed Views
137

Actions

Likes
3
Downloads
6
Comments
2

6 Embeds 137

http://eventifier.co 86
https://twitter.com 32
http://eventifier.com 10
http://lanyrd.com 7
http://feeds.feedburner.com 1
http://www.feedspot.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Lost in o auth? learn velruse and get your life back Lost in o auth? learn velruse and get your life back Presentation Transcript

  • agile.open.connectedLost In OAuth? Learn Velruse And Get Your Life Back! Andrew Mleczko Wednesday, 3 July 2013
  • Andrew Mleczko Python Dev RedTurtle - Italy - Poland amleczko@redturtle.it @amleczko www.redturtle.it Andrew Mleczko Wednesday, 3 July 2013
  • What is OAuth? Wednesday, 3 July 2013
  • “OAuth is an open standard for authorization.” wikipedia Wednesday, 3 July 2013
  • Lack of anonymity Lack of market saturation Phishing Data misuseBad precedents Wednesday, 3 July 2013
  • This talk is not about it! Wednesday, 3 July 2013
  • velruse Wednesday, 3 July 2013
  • Ben Bangert @benbangert https://github.com/bbangert/velruse http://pythonhosted.org/velruse Wednesday, 3 July 2013
  • velruse Wednesday, 3 July 2013
  • minimal configuration use or as a stand-alone service pyramid plugin Wednesday, 3 July 2013
  • simple request schema /{provider}/login Wednesday, 3 July 2013
  • as a service [app:velruse] use = egg:velruse endpoint = http://example.com/logged_in provider.facebook.consumer_key = 441361239240193 provider.facebook.consumer_secret = 52ef2618a1999eeec6d9c provider.facebook.scope = email ... Wednesday, 3 July 2013
  • handling login # sample callback view in flask @app.route('/logged_in', methods=['POST']) def login_callback(): # token is stored in the form data token = request.form['token'] return render_template('result.html', result=token) # sample callback view in flask @app.route('/logged_in', methods=['POST']) def login_callback(): token = request.form['token'] # the request must contain 'format' and 'token' params payload = {'format': 'json', 'token': token} # sending a GET request to /auth_info response = requests.get(request.host_url + 'velruse/auth_info', params=payload) auth_info = response.json return render_template('result.html', result=auth_info) Wednesday, 3 July 2013
  • as a pyramid plugin [app:main] use = egg:myapp pyramid.includes = velruse.providers.facebook velruse.facebook.consumer_key = 441361239240193 velruse.facebook.consumer_secret = 52ef2618a1999eeec6d9c velruse.facebook.scope = email ... Wednesday, 3 July 2013
  • handling login @view_config( context='velruse.AuthenticationComplete', renderer='myapp:templates/result.mako', ) def login_complete_view(request): context = request.context result = { 'provider_type': context.provider_type, 'provider_name': context.provider_name, 'profile': context.profile, 'credentials': context.credentials, } return {'result': json.dumps(result, indent=4)} @view_config( context='velruse.providers.facebook.FacebookAuthenticationComplete', renderer='myapp:templates/result.mako', ) def fb_login_complete_view(request): pass Wednesday, 3 July 2013
  • velruse providers Wednesday, 3 July 2013
  • Google OAuth2 example [app:velruse] use = egg:velruse endpoint = http://example.com/logged_in provider.google.consumer_key = 441361239240193 provider.google.consumer_secret = 52ef2618a1999eeec6d9c Wednesday, 3 July 2013
  • alfresco example github.com/RedTurtle/ pyramid_alfresco [app:main] use = egg:myapp pyramid.includes = pyramid_alfresco.oauth alfresco.consumer_key = 441361239240193 alfresco.consumer_secret = 52ef2618a1999eeec6d9c Wednesday, 3 July 2013
  • alfresco example class AlfrescoProvider(object):     def login(self, request):         """Initiate a alfresco login"""         scope = request.POST.get('scope', self.scope)         gh_url = flat_url(             '%s://%s/auth/oauth/versions/2/authorize' % (self.protocol, self.domain),             scope=scope,             response_type='code',             client_id=self.consumer_key,             redirect_uri=request.route_url(self.callback_route),             state=state)         return HTTPFound(location=gh_url) Wednesday, 3 July 2013
  • alfresco example class AlfrescoProvider(object): ...     def callback(self, request):         """Process the alfresco redirect"""         sess_state = request.session.get('state')         req_state = request.GET.get('state')         access_url = flat_url('%s://%s/auth/oauth/versions/2/token' % (self.protocol, self.domain))         payload = {}         payload['client_id'] = self.consumer_key,         payload['client_secret'] = self.consumer_secret,         r = requests.post(access_url,data=payload)         cred = {'access_token': r.json()['access_token'],                 'refresh_token': r.json()['refresh_token']}         return AlfrescoAuthenticationComplete(profile=profile,                                               credentials=cred,                                               provider_name=self.name,                                               provider_type=self.type) Wednesday, 3 July 2013
  • plone example github.com/RedTurtle/ pas.plugins.velruse Wednesday, 3 July 2013
  • plone example github.com/RedTurtle/ pas.plugins.velruse [app:main] use = egg:myapp pyramid.includes = velruse.providers.facebook velruse.providers.google velruse.providers.twitter velruse.facebook.consumer_key = 441361239240193 velruse.facebook.consumer_secret = 52ef2618a1999eeec6d9c velruse.facebook.scope = email velruse.twitter.consumer_key = 6453756375687365736 velruse.twitter.consumer_secret = 563475384g5yg4f5g3g85345f33ff34f velruse.google.consumer_key = 72342425845745453534535353464535432 velruse.google.consumer_secret = hdfusdg76f78gaftsdf5s6d7f4sd5g4f Wednesday, 3 July 2013
  • Grazie. Thank you. Wednesday, 3 July 2013
  • Questions ? Andrew Mleczko Python Dev Plone Framework Team amleczko@redturtle.it tw: @amleczko Wednesday, 3 July 2013