OmniAuth: From the Ground Up (RailsConf 2011)

  • 4,516 views
Uploaded on

Slides associated with RailsConf 2011 presentation on OmniAuth.

Slides associated with RailsConf 2011 presentation on OmniAuth.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
4,516
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
65
Comments
1
Likes
4

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. OmniAuth: From the Ground Up Michael Bleigh / RailsConf 2011Wednesday, May 18, 2011
  • 2. Michael BleighWednesday, May 18, 2011
  • 3. @mbleighWednesday, May 18, 2011
  • 4. @intrideaWednesday, May 18, 2011
  • 5. OmniAuth github.com/intridea/omniauthWednesday, May 18, 2011
  • 6. Wednesday, May 18, 2011
  • 7. OmniAuth! github.com/intridea/omniauthWednesday, May 18, 2011
  • 8. Login with anythingWednesday, May 18, 2011
  • 9. Assume nothing* *plus or minus a few small assumptionsWednesday, May 18, 2011
  • 10. Past. Present. Future.Wednesday, May 18, 2011
  • 11. Past! The why of OmniAuthWednesday, May 18, 2011
  • 12. Why are there so many #&@$! authentication libraries?Wednesday, May 18, 2011
  • 13. devise authlogic clearance sorcery restful-authentication, and so on...Wednesday, May 18, 2011
  • 14. Assumptions.Wednesday, May 18, 2011
  • 15. I only need one User model. Users will sign up and provide a password. Only e-mail can validate users. I only need one authentication method. I’m only going to use Rails in my app. I don’t have variable deploy targets. I don’t want to customize much.Wednesday, May 18, 2011
  • 16. Wednesday, May 18, 2011
  • 17. Wednesday, May 18, 2011
  • 18. Can we do better?Wednesday, May 18, 2011
  • 19. We need a single, normalized system for authentication.Wednesday, May 18, 2011
  • 20. I Need Auth MAGIC! User InfoWednesday, May 18, 2011
  • 21. OmniAuthWednesday, May 18, 2011
  • 22. It takes a while to make easy things. March 30, 2010 First Commit October 1, 2010 0.1.0 (public release)Wednesday, May 18, 2011
  • 23. October 1, 2010 0.1.0 10 providers, 3 contributorsWednesday, May 18, 2011
  • 24. April 21, 2011 0.2.3 36 providers, 52 contributorsWednesday, May 18, 2011
  • 25. Today master 47 providers, 76 contributorsWednesday, May 18, 2011
  • 26. Wednesday, May 18, 2011
  • 27. Present! The now of OmniAuthWednesday, May 18, 2011
  • 28. Wednesday, May 18, 2011
  • 29. Good News! We’re living in the future* *or an unrealeased git branch beta thereofWednesday, May 18, 2011
  • 30. gem ‘omniauth’, :git => ‘git://github.com/intridea/omniauth.git’, :branch => ‘1.0-beta’Wednesday, May 18, 2011
  • 31. @sferikWednesday, May 18, 2011
  • 32. “...has commit access to just about every repo on GitHub” - Josh KalderimisWednesday, May 18, 2011
  • 33. oa-identity Login and Password with OmniAuth PhilosophyWednesday, May 18, 2011
  • 34. Inevitable, but difficult.Wednesday, May 18, 2011
  • 35. Avoiding AssumptionsWednesday, May 18, 2011
  • 36. Do almost nothing.Wednesday, May 18, 2011
  • 37. user model e-mail verify fancy JUST IDENTITYWednesday, May 18, 2011
  • 38. /auth/identity /auth/identity/callback /auth/identity/registerWednesday, May 18, 2011
  • 39. Identity in action? Socialspring PassportWednesday, May 18, 2011
  • 40. Requirements • Social and traditional auth • Strict e-mail verification • Multiple e-mails, multiple authentications per user • Flexible enough to work with LDAP etc. for behind-the-firewall installs • Automatic account creation based on confirmed email domainsWednesday, May 18, 2011
  • 41. Let’s see what happens...Wednesday, May 18, 2011
  • 42. [ livecoding ]Wednesday, May 18, 2011
  • 43. OmniAuth as your only auth* *if you like it that way, like I do.Wednesday, May 18, 2011
  • 44. OmniAuth as a FrameworkWednesday, May 18, 2011
  • 45. Perception PerceptionWednesday, May 18, 2011
  • 46. image via stopdropandrew.com Let’s kill the magic.Wednesday, May 18, 2011
  • 47. RealityWednesday, May 18, 2011
  • 48. The Guts • OmniAuth is just middleware • Each provider is a strategy • Each strategy is a class • Each strategy has phases: • Request Phase • Callback PhaseWednesday, May 18, 2011
  • 49. The User Info Hash {    “provider”  =>  “friendface”,    “uid”  =>  “123456”,    “user_info”  =>  {        “nickname”  =>  “mbleigh”,        “name”  =>  “Michael  Bleigh”,        “email”  =>  “michael@intridea.com”    },    “credentials”  =>  {        “token”  =>  “120942310491asfas-­‐213-­‐0123”    } }Wednesday, May 18, 2011
  • 50. The Bare Minimum {    “provider”  =>  “minimal”,    “uid”  =>  “123456”,    “user_info”  =>  {        “name”  =>  “Michael  Bleigh”    } }Wednesday, May 18, 2011
  • 51. Request Phase /auth/:provider • Requests information of the user • For OAuth, redirects to provider • For OpenID, requests URL • For LDAP, requests user/passWednesday, May 18, 2011
  • 52. Callback Phase /auth/:provider/callback • Creates the user info hash • For OAuth, grabs and uses access token to fetch user info • For OpenID, parses the response • For LDAP, retrieves directory infoWednesday, May 18, 2011
  • 53. Enough talk. Let’s BUILD!Wednesday, May 18, 2011
  • 54. [ livecoding ]Wednesday, May 18, 2011
  • 55. Future! The what’s next of OmniAuthWednesday, May 18, 2011
  • 56. Fostering ContributionWednesday, May 18, 2011
  • 57. TestingWednesday, May 18, 2011
  • 58. Y U NO HAVE TESTS?Wednesday, May 18, 2011
  • 59. API Calls with remote site interaction and credential requirements. To 40+ different sites.Wednesday, May 18, 2011
  • 60. I had to choose: Test it all, or release it ever.Wednesday, May 18, 2011
  • 61. Testing is priority #1 going forward.Wednesday, May 18, 2011
  • 62. SUP DAWG I HEARD YOU LIKE TESTING GEMS SO I MADE A GEM TO TEST YOUR GEM AND WROTE TESTS FOR IT SO YOU CAN TEST MY GEM FOR TESTING YOUR GEM WHILE YOU TEST YOUR GEMWednesday, May 18, 2011
  • 63. Help me. Please.Wednesday, May 18, 2011
  • 64. Documentation (for contributors)Wednesday, May 18, 2011
  • 65. ConvenienceWednesday, May 18, 2011
  • 66. Massaging Pain PointsWednesday, May 18, 2011
  • 67. Rails Integration (via a separate gem)Wednesday, May 18, 2011
  • 68. Documentation (for users)Wednesday, May 18, 2011
  • 69. Moar Strategies (written by not me)Wednesday, May 18, 2011
  • 70. Moar Suggestions!Wednesday, May 18, 2011
  • 71. Thanks! Questions? http://spkr8.com/t/7512 @mbleigh @intridea github.com/intridea/omniauthWednesday, May 18, 2011