OmniAuth: From the Ground Up (RailsConf 2011)

5,393
-1

Published on

Slides associated with RailsConf 2011 presentation on OmniAuth.

Published in: Technology, Business
1 Comment
4 Likes
Statistics
Notes
No Downloads
Views
Total Views
5,393
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
66
Comments
1
Likes
4
Embeds 0
No embeds

No notes for slide

OmniAuth: From the Ground Up (RailsConf 2011)

  1. OmniAuth: From the Ground Up Michael Bleigh / RailsConf 2011Wednesday, May 18, 2011
  2. Michael BleighWednesday, May 18, 2011
  3. @mbleighWednesday, May 18, 2011
  4. @intrideaWednesday, May 18, 2011
  5. OmniAuth github.com/intridea/omniauthWednesday, May 18, 2011
  6. Wednesday, May 18, 2011
  7. OmniAuth! github.com/intridea/omniauthWednesday, May 18, 2011
  8. Login with anythingWednesday, May 18, 2011
  9. Assume nothing* *plus or minus a few small assumptionsWednesday, May 18, 2011
  10. Past. Present. Future.Wednesday, May 18, 2011
  11. Past! The why of OmniAuthWednesday, May 18, 2011
  12. Why are there so many #&@$! authentication libraries?Wednesday, May 18, 2011
  13. devise authlogic clearance sorcery restful-authentication, and so on...Wednesday, May 18, 2011
  14. Assumptions.Wednesday, May 18, 2011
  15. I only need one User model. Users will sign up and provide a password. Only e-mail can validate users. I only need one authentication method. I’m only going to use Rails in my app. I don’t have variable deploy targets. I don’t want to customize much.Wednesday, May 18, 2011
  16. Wednesday, May 18, 2011
  17. Wednesday, May 18, 2011
  18. Can we do better?Wednesday, May 18, 2011
  19. We need a single, normalized system for authentication.Wednesday, May 18, 2011
  20. I Need Auth MAGIC! User InfoWednesday, May 18, 2011
  21. OmniAuthWednesday, May 18, 2011
  22. It takes a while to make easy things. March 30, 2010 First Commit October 1, 2010 0.1.0 (public release)Wednesday, May 18, 2011
  23. October 1, 2010 0.1.0 10 providers, 3 contributorsWednesday, May 18, 2011
  24. April 21, 2011 0.2.3 36 providers, 52 contributorsWednesday, May 18, 2011
  25. Today master 47 providers, 76 contributorsWednesday, May 18, 2011
  26. Wednesday, May 18, 2011
  27. Present! The now of OmniAuthWednesday, May 18, 2011
  28. Wednesday, May 18, 2011
  29. Good News! We’re living in the future* *or an unrealeased git branch beta thereofWednesday, May 18, 2011
  30. gem ‘omniauth’, :git => ‘git://github.com/intridea/omniauth.git’, :branch => ‘1.0-beta’Wednesday, May 18, 2011
  31. @sferikWednesday, May 18, 2011
  32. “...has commit access to just about every repo on GitHub” - Josh KalderimisWednesday, May 18, 2011
  33. oa-identity Login and Password with OmniAuth PhilosophyWednesday, May 18, 2011
  34. Inevitable, but difficult.Wednesday, May 18, 2011
  35. Avoiding AssumptionsWednesday, May 18, 2011
  36. Do almost nothing.Wednesday, May 18, 2011
  37. user model e-mail verify fancy JUST IDENTITYWednesday, May 18, 2011
  38. /auth/identity /auth/identity/callback /auth/identity/registerWednesday, May 18, 2011
  39. Identity in action? Socialspring PassportWednesday, May 18, 2011
  40. Requirements • Social and traditional auth • Strict e-mail verification • Multiple e-mails, multiple authentications per user • Flexible enough to work with LDAP etc. for behind-the-firewall installs • Automatic account creation based on confirmed email domainsWednesday, May 18, 2011
  41. Let’s see what happens...Wednesday, May 18, 2011
  42. [ livecoding ]Wednesday, May 18, 2011
  43. OmniAuth as your only auth* *if you like it that way, like I do.Wednesday, May 18, 2011
  44. OmniAuth as a FrameworkWednesday, May 18, 2011
  45. Perception PerceptionWednesday, May 18, 2011
  46. image via stopdropandrew.com Let’s kill the magic.Wednesday, May 18, 2011
  47. RealityWednesday, May 18, 2011
  48. The Guts • OmniAuth is just middleware • Each provider is a strategy • Each strategy is a class • Each strategy has phases: • Request Phase • Callback PhaseWednesday, May 18, 2011
  49. The User Info Hash {    “provider”  =>  “friendface”,    “uid”  =>  “123456”,    “user_info”  =>  {        “nickname”  =>  “mbleigh”,        “name”  =>  “Michael  Bleigh”,        “email”  =>  “michael@intridea.com”    },    “credentials”  =>  {        “token”  =>  “120942310491asfas-­‐213-­‐0123”    } }Wednesday, May 18, 2011
  50. The Bare Minimum {    “provider”  =>  “minimal”,    “uid”  =>  “123456”,    “user_info”  =>  {        “name”  =>  “Michael  Bleigh”    } }Wednesday, May 18, 2011
  51. Request Phase /auth/:provider • Requests information of the user • For OAuth, redirects to provider • For OpenID, requests URL • For LDAP, requests user/passWednesday, May 18, 2011
  52. Callback Phase /auth/:provider/callback • Creates the user info hash • For OAuth, grabs and uses access token to fetch user info • For OpenID, parses the response • For LDAP, retrieves directory infoWednesday, May 18, 2011
  53. Enough talk. Let’s BUILD!Wednesday, May 18, 2011
  54. [ livecoding ]Wednesday, May 18, 2011
  55. Future! The what’s next of OmniAuthWednesday, May 18, 2011
  56. Fostering ContributionWednesday, May 18, 2011
  57. TestingWednesday, May 18, 2011
  58. Y U NO HAVE TESTS?Wednesday, May 18, 2011
  59. API Calls with remote site interaction and credential requirements. To 40+ different sites.Wednesday, May 18, 2011
  60. I had to choose: Test it all, or release it ever.Wednesday, May 18, 2011
  61. Testing is priority #1 going forward.Wednesday, May 18, 2011
  62. SUP DAWG I HEARD YOU LIKE TESTING GEMS SO I MADE A GEM TO TEST YOUR GEM AND WROTE TESTS FOR IT SO YOU CAN TEST MY GEM FOR TESTING YOUR GEM WHILE YOU TEST YOUR GEMWednesday, May 18, 2011
  63. Help me. Please.Wednesday, May 18, 2011
  64. Documentation (for contributors)Wednesday, May 18, 2011
  65. ConvenienceWednesday, May 18, 2011
  66. Massaging Pain PointsWednesday, May 18, 2011
  67. Rails Integration (via a separate gem)Wednesday, May 18, 2011
  68. Documentation (for users)Wednesday, May 18, 2011
  69. Moar Strategies (written by not me)Wednesday, May 18, 2011
  70. Moar Suggestions!Wednesday, May 18, 2011
  71. Thanks! Questions? http://spkr8.com/t/7512 @mbleigh @intridea github.com/intridea/omniauthWednesday, May 18, 2011
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×