How to Stop Reinventing the Auth Wheel


Transcript

  • 1. Tuesday, September 3, 13
  • 2. An iOS Authentication Architecture for All: How to stop reinventing the auth wheel
  • 3. Great Apps
  • 4. What makes an app truly great?
  • 5. Amazing First Impressions
  • 6. Reliable and Secure
  • 7. Connected
  • 8. Personal
  • 9. WHAT’S THE BIG DEAL?
  • 10. Identity has a Role to Play
  • 11. But, There’s a Problem
  • 12. It’s Complicated
  • 13. So we end up like...
  • 15. Instead we should...
  • 16. Spend Time Building Features that ROCK
  • 17. The good news...
  • 18. There’s a Pattern for That
  • 19. ‘Simplicity is the ultimate sophistication.’ - Steve Jobs
  • 20. So, auth is complicated.
  • 21. Why?
  • 22. It’s not our core competency.
  • 23. Tons AND TONS of Detail.
  • 24. Never stops evolving.
  • 25. and so...
  • 26. we spend a lot of time
  • 27. and, we get frustrated.
  • 28. Not only is it complicated,
  • 29. it can lead to poor user experiences.
  • 30. like...
  • 31. The Wall
  • 32. Account creation
  • 33. Error Message: Your Password Must Be at Least 18770 Characters and Cannot Repeat Any of Your Previous 30689 Passwords Passwords
  • 34. However, the big issue is...
  • 37. So what do we need?
  • 38. Tools, APIs, & Services
  • 39. That are...
  • 40. Easy & Secure
  • 41. Simple. Accessible.
  • 42. Rely on Experts
  • 43. Is there a painkiller?
  • 45. But first...
  • 47. Fav MOV
  • 48. Demo
  • 49. /RCacheaux/FAVMOV
  • 51. Ok. Let’s personalize.
  • 52. Need Username and Profile Photo
  • 53. To be or not to be custom is the question.
  • 54. Identity Provider
  • 56. Salt & Hash Passwords; Provide Two Factor Auth; Use Modern Irreversible Hash Function; Automatic Monitors; Operate Help Desk
  • 58. Choose Wisely
  • 59. Relying Party
  • 60. Ok. Enough Vocabulary
  • 61. Using an Identity Provider: 1. Pick an Identity Provider 2. Register Client 3. Incorporate API 4. Code Against API
  • 62. Let’s pick an IDP...
  • 65. Authentication vs Authorization
  • 66. Scoping
  • 67. Demo
  • 68. ‘That’s great, but what if my users don’t have Facebook accounts.’
  • 69. Let’s pick another IDP...
  • 70. ARCHITECTURE
  • 71. Before, let’s walk through the code.
  • 72. Demo
  • 73. Now we can hold another IDP, which one?
  • 76. ARCHITECTURE
  • 77. Accounts Framework
  • 78. Recommended Identity Providers
  • 79. What if my identity provider does not have an iOS API?
  • 84. So you want a server
  • 85. Backend as a Service
  • 87. Now, you need custom accounts.
  • 88. Sign In vs Sign Up
  • 89. What about custom back-ends?
  • 93. 1. Secrets & Tokens 2. Single Sign On 3. Two Factor Authentication
  • 94. 1. Secrets & Tokens 2. Single Sign On 3. Two Factor Authentication
  • 97. Get, Store, Use
  • 98. Getting Tokens
  • 99. Basic HTTP Authentication
  • 101. The Access Token
  • 102. A word about OAuth 1
  • 103. OAUTH 1
  • 104. Where to Store?
  • 105. The Keychain
  • 106. The Operating System
  • 107. Server-side
  • 108. Browser Cookies
  • 109. The Flows
  • 110. App App App App IDP App Browser UIWebView OS
  • 111. How to Use Tokens
  • 112. HTTP Authentication
  • 113. 1. Secrets & Tokens 2. Single Sign On 3. Two Factor Authentication
  • 114. 1. Secrets & Tokens 2. Single Sign On 3. Two Factor Authentication
  • 115. Sharable Tokens
  • 116. Across Apps
  • 117. Across Devices
  • 118. Across Platforms
  • 119. 1. Secrets & Tokens 2. Single Sign On 3. Two Factor Authentication
  • 120. 1. Secrets & Tokens 2. Single Sign On 3. Two Factor Authentication
  • 124. The Future
  • 125. Biometrics
  • 126. ID
  • 127. More in Accounts Framework
  • 128. Less Custom Accounts
  • 129. Account Chooser
  • 130. Cross Platform Sign On
  • 131. WHAT’S THE BIG DEAL?
  • 132. Taking care of identity has many benefits...
  • 133. Improve Lives
  • 134. More Usage
  • 138. Less of this
  • 139. And More of this
  • 140. Remember
  • 141. Delight your users
  • 142. Resources
  • 145. OAuth 2.0 RFC: http://www.ietf.org/rfc/rfc6749.txt; HTTP Authentication RFC: http://www.ietf.org/rfc/rfc2617.txt; OpenID Connect: http://openid.net/connect/
  • 146. Twitter Integration (WWDC 2011); Integrating With Facebook, Twitter and Sina Weibo (WWDC 2012); Protecting Secrets with the Keychain (WWDC 2013)
  • 147. Google IO 2013: Identity Tech Overview: Less Pain, More Gain (https://developers.google.com/live/shows/576883641); How to Offer Google+ Sign-In Alongside Other Social Sign-In Services (https://developers.google.com/live/shows/601975672)
  • 148. Backend as a Service: Parse (http://www.parse.com); Windows Azure Mobile Services (http://www.windowsazure.com/en-us/develop/mobile/)
  • 149. Account Chooser (http://www.accountchooser.com); Tim Bray’s Ongoing Blog (https://www.tbray.org/ongoing/)
  • 150. Libraries: GTM OAuth (https://code.google.com/p/gtm-oauth/); Facebook iOS SDK (https://github.com/facebook/facebook-ios-sdk); Google+ Sign In (https://developers.google.com/+/)
  • 151. /RCacheaux/FAVMOV
  • 152. René Cacheaux, iOS Architect, rene.cacheaux@mutualmobile.com, rene.cacheaux@gmail.com, @RCachATX