Easy Testing On Ruby Openid Consumers


    Notes on slide 1

    Good evening, my name is and I will be presenting
    The first thing I want to point out is that I’m not going to go too deep into the OpenID theory;
    I will just tackle the surface of it, so that all the people who are not familiar with it get an idea of what this is all about.

    * Define OpenID
    * Explain why we use
    * Define the terms used in the OpenID protocol,
    * Tackle the whole OpenID authentication process
    * Show the best options for implementing RPs

    * How to manage the test process of our RP implementations
    * I’ll show you some code with Rails and Merb, and we are going to define a test

    * No forgetting passwords; manage your user information in one place
    * You don’t have to make federations in order to make this work; the identities don’t need to be in one OpenID server
    * This protocol tries to be as simple as possible; ergo, it can be tackled because of this simplicity
    * It’s proven to work because it’s built on top of the most popular Web technology

    * This makes it really easy for people to adapt to the concept of it
    * The same URL works, no matter where you are, and it can be found on the Web

    Easy Testing On Ruby Openid Consumers - Presentation Transcript

    1. Easy Testing on Ruby OpenID Consumer Implementations, by Roman Gonzalez. Tuesday 24 March 2009
    2. Presentation Highlights
       • What is OpenID?
       • URLs as our identity credentials
       • OpenID Terminology
       • The OpenID authentication process explained
       • How to implement RPs in Ruby
    3. Presentation Highlights
       • Testing OpenID RPs
       • Demo (Rails, Merb)
       • Q&A
    4. What is OpenID?
       • A protocol that promotes the use of a single digital identity (Single Sign On)
       • Decentralized
       • Simple and light-weight (no high security stuff)
       • Built upon Web technologies (HTTP, DNS)
    5. URLs are our credentials
       • Most people already have a URL to represent their identity (Facebook, Twitter)
       • They are globally unique and ubiquitous
    6. OpenID Terminology
       • Actors
         • Identifier (URL of the user)
         • User-Agent (normally a Web browser)
         • Relying Party (RP)
         • OpenID Provider (OP)
    7. OpenID Terminology
       • Direct Messages
         • HTTP POST requests from RPs to OPs
         • Used for interchange of public keys
    8. OpenID Terminology
       • Indirect Messages
         • HTTP redirects from RPs to OPs and back
         • Used for the authentication process
    9. OpenID Authentication: Step 1. Discovery
    10. OpenID Authentication: Step 1. Discovery (HTTP GET)
    11. OpenID Authentication: Step 1. Discovery
    12. OpenID Authentication: Step 1. Discovery
    13. OpenID Authentication: Step 1. Discovery
    14. OpenID Authentication: Step 2. Association
    15. OpenID Authentication: Step 2. Association (HTTP POST, exchange of public keys)
    16. OpenID Authentication: Step 3. Give credentials to OP
    17. OpenID Authentication: Step 4. Choose which info to give to the RP
    18. OpenID Authentication: Step 5. You are _authenticated_
    19. Implementing OpenID RPs in Ruby
       • Ruby On Rails: open_id_authentication by rails at http://github.com
       • Merb: hassox’s merb-auth gem, using the OpenID strategy
       • Rack: using the auth/openid Rack app included in the gem
    20. Testing OpenID RPs
       • How do we test it?
         • First naive approach: mocking/stubbing the ruby-openid gem
       • Why is it so hard to test?
         • Multiple types of communication between the RP and the OP
         • The existing OPs need human interaction
    21. Introducing ROTS (Ruby OpenID Test Server)
       • It provides an “easy” interface for automated testing
       • It uses an OP test server (provided in the gem) and a test API
    22. DEMO
    23. Final Thoughts
       • ROTS is _not_ a silver bullet
       • OpenID is not perfect, and it is not trying to be
    24. Resources
       • http://openidexplained.com
       • http://github.com/rails/open_id_auth
       • http://github.com/roman/rots
       • http://test-id.net
    25. Q&A
    26. Thanks... Contact Me
       • Follow: http://twitter/romanandreg
       • Read: http://blog.romanandreg.com
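
As an added example (not from the slides and not ROTS code), the Ruby below carries steps 2 and 5 of the flow above through the OpenID 2.0 DH-SHA256 association and the HMAC-SHA256 signature on the assertion, which goes beyond what the slide text spells out. The demo modulus and all function names are assumptions made for illustration.

```ruby
require 'openssl'
require 'base64'
require 'securerandom'

# Constructed demo group: NOT the default modulus from the OpenID 2.0 spec.
P = 2**255 - 19
G = 2

# btwoc: big-endian two's complement encoding OpenID uses for integers.
def btwoc(n)
  hex = n.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  bytes = [hex].pack('H*')
  bytes.getbyte(0) >= 0x80 ? "\x00".b + bytes : bytes
end

def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# Both sides hash the DH shared secret; the OP uses it to mask the MAC key.
def dh_mask(peer_public, own_private)
  OpenSSL::Digest::SHA256.digest(btwoc(peer_public.pow(own_private, P)))
end

# Step 2 (direct message): returns the MAC key as held by [OP, RP].
def associate
  rp_priv = SecureRandom.random_number(P - 2) + 1
  op_priv = SecureRandom.random_number(P - 2) + 1
  rp_pub = G.pow(rp_priv, P) # sent in the RP's POST
  op_pub = G.pow(op_priv, P) # returned by the OP
  mac_key = SecureRandom.random_bytes(32)
  enc_mac_key = xor_bytes(mac_key, dh_mask(rp_pub, op_priv)) # on the wire
  [mac_key, xor_bytes(enc_mac_key, dh_mask(op_pub, rp_priv))]
end

# Key-Value form over the fields listed in openid.signed, then HMAC-SHA256.
def sign(mac_key, params)
  kv = params['openid.signed'].split(',')
                              .map { |k| "#{k}:#{params["openid.#{k}"]}\n" }.join
  Base64.strict_encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA256'), mac_key, kv))
end

# Step 5 (indirect message): the RP accepts only a correctly signed assertion.
def valid_assertion?(mac_key, params)
  expected = sign(mac_key, params)
  given = params['openid.sig'].to_s
  expected.bytesize == given.bytesize &&
    expected.bytes.zip(given.bytes).reduce(0) { |a, (x, y)| a | (x ^ y) }.zero?
end
```

In an RP test suite, `sign` with a known key can produce both a valid response and a tampered one, so the test can check that the consumer rejects the latter.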
