Hybrid Auth: OAuth + OpenID Erik Eldridge Engineer/Evangelist Yahoo! Developer Network

Overview What, Why, and How of Hybrid Authentication Sample code Summary Resources

What, Why, and How of Hybrid Authentication

Sample code

Summary

Resources

What is Hybrid Auth? Using OpenID for authentication and Oauth to authorize data access Similar to Facebook's Connect, but based on open standards

Using OpenID for authentication and Oauth to authorize data access

Similar to Facebook's Connect, but based on open standards

Why should we use it? Easy Single flow for end-users Portable Open source libraries Any service can be an OpenID "Provider" Transferable skill-set and technologies

Easy

Single flow for end-users

Portable

Open source libraries

Any service can be an OpenID "Provider"

Transferable skill-set and technologies

How do we get started? Setup Implementation Sample

Setup

Implementation

Sample

Setup requirements Visit developer.yahoo.com/dashboard Register an OAuth application Download Yahoo! Social SDK from github.com/yahoo Download OpenID-Enabled library from openidenabled.com

Visit developer.yahoo.com/dashboard

Register an OAuth application

Download Yahoo! Social SDK from github.com/yahoo

Download OpenID-Enabled library from openidenabled.com

Generalized implementation Define a log in/out mechanism for your site If user is not logged in, initialize authentication via OpenID with Simple Registration In OpenID callback, check if OAuth access token for user is stored If access token does not exist, exchange request token for access token and store access token Log in user using local mechanism and begin fetching data using Oauth

Define a log in/out mechanism for your site

If user is not logged in, initialize authentication via OpenID with Simple Registration

In OpenID callback, check if OAuth access token for user is stored

If access token does not exist, exchange request token for access token and store access token

Log in user using local mechanism and begin fetching data using Oauth

Example service index.html openid/ index.php return_to.php php-openid-2.1.3/ oauth/ index.php yahoo-social-php-sdk/

service

index.html

openid/

index.php

return_to.php

php-openid-2.1.3/

oauth/

index.php

yahoo-social-php-sdk/

Service/index.html, top

Service/index.html, middle

Service/index.html, bottom

Service/openid/index.php, top

Service/openid/index.php, bottom

Service/openid/return_to.php, top

Service/openid/return_to.php, middle

Service/openid/return_to.php, bottom

Service/oauth/index.php

Summary What? Combination of OpenID authentication and OAuth authorization Why? Convenient for the end-user: single auth flow How? Yahoo! Social SDK + OpenID-Enabled OpenID library (with a pinch of YUI and YQL)

What?

Combination of OpenID authentication and OAuth authorization

Why?

Convenient for the end-user: single auth flow

How?

Yahoo! Social SDK + OpenID-Enabled OpenID library (with a pinch of YUI and YQL)

Resources developer.yahoo.com/openid developer.yahoo.com/oauth example.erikeldridge.com/{example code} Find me on Twitter: @erikeldridge

developer.yahoo.com/openid

developer.yahoo.com/oauth

example.erikeldridge.com/{example code}

Find me on Twitter: @erikeldridge