How to Stop Reinventing the Auth Wheel

Published in: Technology, News & Politics

Transcript of "How to Stop Reinventing the Auth Wheel"

  1. Tuesday, September 3, 13
  2. An iOS Authentication Architecture for All: How to stop reinventing the auth wheel
  3. Great Apps
  4. What makes an app truly great?
  5. Amazing First Impressions
  6. Reliable and Secure
  7. Connected
  8. Personal
  9. WHAT’S THE BIG DEAL?
  10. Identity has a Role to Play
  11. But, There’s A Problem
  12. It’s Complicated
  13. So we end up like...
  14. (no text)
  15. Instead we should...
  16. Spend Time Building Features that ROCK
  17. The good news...
  18. There’s a Pattern for That
  19. ‘Simplicity is the ultimate sophistication.’ - Steve Jobs
  20. So, auth is complicated.
  21. Why?
  22. It’s not our core competency.
  23. Tons AND TONS of Detail.
  24. Never stops evolving.
  25. and so...
  26. we spend a lot of time
  27. and, we get frustrated.
  28. Not only is it complicated,
  29. it can lead to poor user experiences.
  30. like...
  31. The Wall
  32. Account creation
  33. Error Message: Your Password Must Be at Least 18770 Characters and Cannot Repeat Any of Your Previous 30689 Passwords Passwords
  34. However, the big issue is...
  35. (no text)
  36. (no text)
  37. So what do we need?
  38. Tools, APIs, & Services
  39. That are...
  40. Easy & Secure
  41. Simple. Accessible.
  42. Rely on Experts
  43. Is there a painkiller?
  44. (no text)
  45. But first...
  46. (no text)
  47. Fav MOV
  48. Demo
  49. /RCacheaux/FAVMOV
  50. (no text)
  51. Ok. Let’s personalize.
  52. Need Username and Profile Photo
  53. To be or not to be custom is the question.
  54. Identity Provider
  55. (no text)
  56. Salt & Hash Passwords; Provide Two Factor Auth; Use Modern Irreversible Hash Function; Automatic Monitors; Operate Help Desk
  57. (no text)
  58. Choose Wisely
  59. Relying Party
  60. Ok. Enough Vocabulary
  61. Using an Identity Provider: (1) Pick an Identity Provider, (2) Register Client, (3) Incorporate API, (4) Code Against API
  62. Let’s pick an IDP...
  63. (no text)
  64. (no text)
  65. Authentication vs Authorization
  66. Scoping
  67. Demo
  68. ‘That’s great, but what if my users don’t have Facebook accounts.’
  69. Let’s pick another IDP...
  70. ARCHITECTURE
  71. Before, let’s walk through the code.
  72. Demo
  73. Now we can hold another IDP, which one?
  74. (no text)
  75. (no text)
  76. ARCHITECTURE
  77. Accounts Framework
  78. Recommended Identity Providers
  79. What if my identity provider does not have an iOS API?
  80. (no text)
  81. (no text)
  82. (no text)
  83. (no text)
  84. So you want a server
  85. Backend as a Service
  86. (no text)
  87. Now, you need custom accounts.
  88. Sign In vs Sign Up
  89. What about custom back-ends?
  90. (no text)
  91. (no text)
  92. (no text)
  93. (1) Secrets & Tokens, (2) Single Sign On, (3) Two Factor Authentication
  94. (1) Secrets & Tokens, (2) Single Sign On, (3) Two Factor Authentication
  95. (no text)
  96. (no text)
  97. Get, Store, Use
  98. Getting Tokens
  99. Basic HTTP Authentication
  100. (no text)
  101. The Access Token
  102. A word about OAuth 1
  103. OAUTH 1
  104. Where to Store?
  105. The Keychain
  106. The Operating System
  107. Server-side
  108. Browser Cookies
  109. The Flows
  110. App App App App IDP App Browser UIWebView OS
  111. How to Use Tokens
  112. HTTP Authentication
  113. (1) Secrets & Tokens, (2) Single Sign On, (3) Two Factor Authentication
  114. (1) Secrets & Tokens, (2) Single Sign On, (3) Two Factor Authentication
  115. Sharable Tokens
  116. Across Apps
  117. Across Devices
  118. Across Platforms
  119. (1) Secrets & Tokens, (2) Single Sign On, (3) Two Factor Authentication
  120. (1) Secrets & Tokens, (2) Single Sign On, (3) Two Factor Authentication
  121. (no text)
  122. (no text)
  123. (no text)
  124. The future
  125. biometrics
  126. ID
  127. More in accounts framework
  128. Less Custom Accounts
  129. Account Chooser
  130. cross Platform sign on
  131. WHAT’S THE BIG DEAL?
  132. Taking care of identity has many benefits...
  133. Improve Lives
  134. More Usage
  135. (no text)
  136. (no text)
  137. (no text)
  138. Less of this
  139. And More of this
  140. remember
  141. delight your users
  142. Resources
  143. (no text)
  144. (no text)
  145. OAuth 2.0 RFC (http://www.ietf.org/rfc/rfc6749.txt); HTTP Authentication RFC (http://www.ietf.org/rfc/rfc2617.txt); OpenID Connect (http://openid.net/connect/)
  146. Twitter Integration (WWDC 2011); Integrating With Facebook, Twitter and Sina Weibo (WWDC 2012); Protecting Secrets with the Keychain (WWDC 2013)
  147. Google IO 2013: Identity Tech Overview: Less Pain, More Gain (https://developers.google.com/live/shows/576883641); How to Offer Google+ Sign-In Alongside Other Social Sign-In Services (https://developers.google.com/live/shows/601975672)
  148. Backend as a Service: Parse (http://www.parse.com); Windows Azure Mobile Services (http://www.windowsazure.com/en-us/develop/mobile/)
  149. Account Chooser (http://www.accountchooser.com); Tim Bray’s Ongoing Blog (https://www.tbray.org/ongoing/)
  150. Libraries: GTM OAuth (https://code.google.com/p/gtm-oauth/); Facebook iOS SDK (https://github.com/facebook/facebook-ios-sdk); Google+ Sign In (https://developers.google.com/+/)
  151. /RCacheaux/FAVMOV
  152. René Cacheaux, iOS Architect, rene.cacheaux@mutualmobile.com, rene.cacheaux@gmail.com, @RCachATX
  153. (no text)