• Like
  • Save
OmniAuth: From the Ground Up (RailsConf 2011)
Upcoming SlideShare
Loading in...5
×
 

OmniAuth: From the Ground Up (RailsConf 2011)

on

  • 4,885 views

Slides associated with RailsConf 2011 presentation on OmniAuth.

Slides associated with RailsConf 2011 presentation on OmniAuth.

Statistics

Views

Total Views
4,885
Views on SlideShare
4,245
Embed Views
640

Actions

Likes
4
Downloads
65
Comments
1

16 Embeds 640

http://intridea.com 360
http://www.intridea.com 118
http://en.oreilly.com 62
http://www.mbleigh.com 33
http://mbleigh.com 18
url_unknown 16
http://www.newsblur.com 9
http://www.slideshare.net 7
http://staging.intridea.com 5
http://intridea-production.heroku.com 4
http://feeds.feedburner.com 3
http://localhost:3000 1
http://pulpitum.intridea.com 1
http://webcache.googleusercontent.com 1
http://translate.googleusercontent.com 1
http://mezura.com.br 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    OmniAuth: From the Ground Up (RailsConf 2011) OmniAuth: From the Ground Up (RailsConf 2011) Presentation Transcript

    • OmniAuth: From the Ground Up Michael Bleigh / RailsConf 2011Wednesday, May 18, 2011
    • Michael BleighWednesday, May 18, 2011
    • @mbleighWednesday, May 18, 2011
    • @intrideaWednesday, May 18, 2011
    • OmniAuth github.com/intridea/omniauthWednesday, May 18, 2011
    • Wednesday, May 18, 2011
    • OmniAuth! github.com/intridea/omniauthWednesday, May 18, 2011
    • Login with anythingWednesday, May 18, 2011
    • Assume nothing* *plus or minus a few small assumptionsWednesday, May 18, 2011
    • Past. Present. Future.Wednesday, May 18, 2011
    • Past! The why of OmniAuthWednesday, May 18, 2011
    • Why are there so many #&@$! authentication libraries?Wednesday, May 18, 2011
    • devise authlogic clearance sorcery restful-authentication, and so on...Wednesday, May 18, 2011
    • Assumptions.Wednesday, May 18, 2011
    • I only need one User model. Users will sign up and provide a password. Only e-mail can validate users. I only need one authentication method. I’m only going to use Rails in my app. I don’t have variable deploy targets. I don’t want to customize much.Wednesday, May 18, 2011
    • Wednesday, May 18, 2011
    • Wednesday, May 18, 2011
    • Can we do better?Wednesday, May 18, 2011
    • We need a single, normalized system for authentication.Wednesday, May 18, 2011
    • I Need Auth MAGIC! User InfoWednesday, May 18, 2011
    • OmniAuthWednesday, May 18, 2011
    • It takes a while to make easy things. March 30, 2010 First Commit October 1, 2010 0.1.0 (public release)Wednesday, May 18, 2011
    • October 1, 2010 0.1.0 10 providers, 3 contributorsWednesday, May 18, 2011
    • April 21, 2011 0.2.3 36 providers, 52 contributorsWednesday, May 18, 2011
    • Today master 47 providers, 76 contributorsWednesday, May 18, 2011
    • Wednesday, May 18, 2011
    • Present! The now of OmniAuthWednesday, May 18, 2011
    • Wednesday, May 18, 2011
    • Good News! We’re living in the future* *or an unrealeased git branch beta thereofWednesday, May 18, 2011
    • gem ‘omniauth’, :git => ‘git://github.com/intridea/omniauth.git’, :branch => ‘1.0-beta’Wednesday, May 18, 2011
    • @sferikWednesday, May 18, 2011
    • “...has commit access to just about every repo on GitHub” - Josh KalderimisWednesday, May 18, 2011
    • oa-identity Login and Password with OmniAuth PhilosophyWednesday, May 18, 2011
    • Inevitable, but difficult.Wednesday, May 18, 2011
    • Avoiding AssumptionsWednesday, May 18, 2011
    • Do almost nothing.Wednesday, May 18, 2011
    • user model e-mail verify fancy JUST IDENTITYWednesday, May 18, 2011
    • /auth/identity /auth/identity/callback /auth/identity/registerWednesday, May 18, 2011
    • Identity in action? Socialspring PassportWednesday, May 18, 2011
    • Requirements • Social and traditional auth • Strict e-mail verification • Multiple e-mails, multiple authentications per user • Flexible enough to work with LDAP etc. for behind-the-firewall installs • Automatic account creation based on confirmed email domainsWednesday, May 18, 2011
    • Let’s see what happens...Wednesday, May 18, 2011
    • [ livecoding ]Wednesday, May 18, 2011
    • OmniAuth as your only auth* *if you like it that way, like I do.Wednesday, May 18, 2011
    • OmniAuth as a FrameworkWednesday, May 18, 2011
    • Perception PerceptionWednesday, May 18, 2011
    • image via stopdropandrew.com Let’s kill the magic.Wednesday, May 18, 2011
    • RealityWednesday, May 18, 2011
    • The Guts • OmniAuth is just middleware • Each provider is a strategy • Each strategy is a class • Each strategy has phases: • Request Phase • Callback PhaseWednesday, May 18, 2011
    • The User Info Hash {    “provider”  =>  “friendface”,    “uid”  =>  “123456”,    “user_info”  =>  {        “nickname”  =>  “mbleigh”,        “name”  =>  “Michael  Bleigh”,        “email”  =>  “michael@intridea.com”    },    “credentials”  =>  {        “token”  =>  “120942310491asfas-­‐213-­‐0123”    } }Wednesday, May 18, 2011
    • The Bare Minimum {    “provider”  =>  “minimal”,    “uid”  =>  “123456”,    “user_info”  =>  {        “name”  =>  “Michael  Bleigh”    } }Wednesday, May 18, 2011
    • Request Phase /auth/:provider • Requests information of the user • For OAuth, redirects to provider • For OpenID, requests URL • For LDAP, requests user/passWednesday, May 18, 2011
    • Callback Phase /auth/:provider/callback • Creates the user info hash • For OAuth, grabs and uses access token to fetch user info • For OpenID, parses the response • For LDAP, retrieves directory infoWednesday, May 18, 2011
    • Enough talk. Let’s BUILD!Wednesday, May 18, 2011
    • [ livecoding ]Wednesday, May 18, 2011
    • Future! The what’s next of OmniAuthWednesday, May 18, 2011
    • Fostering ContributionWednesday, May 18, 2011
    • TestingWednesday, May 18, 2011
    • Y U NO HAVE TESTS?Wednesday, May 18, 2011
    • API Calls with remote site interaction and credential requirements. To 40+ different sites.Wednesday, May 18, 2011
    • I had to choose: Test it all, or release it ever.Wednesday, May 18, 2011
    • Testing is priority #1 going forward.Wednesday, May 18, 2011
    • SUP DAWG I HEARD YOU LIKE TESTING GEMS SO I MADE A GEM TO TEST YOUR GEM AND WROTE TESTS FOR IT SO YOU CAN TEST MY GEM FOR TESTING YOUR GEM WHILE YOU TEST YOUR GEMWednesday, May 18, 2011
    • Help me. Please.Wednesday, May 18, 2011
    • Documentation (for contributors)Wednesday, May 18, 2011
    • ConvenienceWednesday, May 18, 2011
    • Massaging Pain PointsWednesday, May 18, 2011
    • Rails Integration (via a separate gem)Wednesday, May 18, 2011
    • Documentation (for users)Wednesday, May 18, 2011
    • Moar Strategies (written by not me)Wednesday, May 18, 2011
    • Moar Suggestions!Wednesday, May 18, 2011
    • Thanks! Questions? http://spkr8.com/t/7512 @mbleigh @intridea github.com/intridea/omniauthWednesday, May 18, 2011