Slides associated with RailsConf 2011 presentation on OmniAuth.

1. OmniAuth:
From the Ground Up
Michael Bleigh / RailsConf 2011
Wednesday, May 18, 2011

2. Michael Bleigh
Wednesday, May 18, 2011

3. @mbleigh
Wednesday, May 18, 2011

4. @intridea
Wednesday, May 18, 2011

5. OmniAuth
github.com/intridea/omniauth
Wednesday, May 18, 2011

6. Wednesday, May 18, 2011

7. OmniAuth!
github.com/intridea/omniauth
Wednesday, May 18, 2011

8. Login with
anything
Wednesday, May 18, 2011

9. Assume
nothing*
*plus or minus a few small assumptions
Wednesday, May 18, 2011

10. Past.
Present.
Future.
Wednesday, May 18, 2011

11. Past!
The why of OmniAuth
Wednesday, May 18, 2011

12. Why are there
so many #&@$!
authentication
libraries?
Wednesday, May 18, 2011

13. devise
authlogic
clearance
sorcery
restful-authentication,
and so on...
Wednesday, May 18, 2011

14. Assumptions.
Wednesday, May 18, 2011

15. I only need one User model.
Users will sign up and provide a password.
Only e-mail can validate users.
I only need one authentication method.
I’m only going to use Rails in my app.
I don’t have variable deploy targets.
I don’t want to customize much.
Wednesday, May 18, 2011

16. Wednesday, May 18, 2011

17. Wednesday, May 18, 2011

18. Can we do
better?
Wednesday, May 18, 2011

19. We need a single,
normalized system
for authentication.
Wednesday, May 18, 2011

20. I Need Auth
MAGIC!
User Info
Wednesday, May 18, 2011

21. OmniAuth
Wednesday, May 18, 2011

22. It takes a while to
make easy things.
March 30, 2010 First Commit
October 1, 2010 0.1.0 (public release)
Wednesday, May 18, 2011

23. October 1, 2010
0.1.0
10 providers,
3 contributors
Wednesday, May 18, 2011

24. April 21, 2011
0.2.3
36 providers,
52 contributors
Wednesday, May 18, 2011

25. Today
master
47 providers,
76 contributors
Wednesday, May 18, 2011

26. Wednesday, May 18, 2011

27. Present! The now of OmniAuth
Wednesday, May 18, 2011

28. Wednesday, May 18, 2011

29. Good News!
We’re living in
the future*
*or an unrealeased git branch beta thereof
Wednesday, May 18, 2011

30. gem ‘omniauth’,
:git => ‘git://github.com/intridea/omniauth.git’,
:branch => ‘1.0-beta’
Wednesday, May 18, 2011

31. @sferik
Wednesday, May 18, 2011

32. “...has commit access to just
about every repo on GitHub”
- Josh Kalderimis
Wednesday, May 18, 2011

33. oa-identity
Login and Password with
OmniAuth Philosophy
Wednesday, May 18, 2011

34. Inevitable, but
difficult.
Wednesday, May 18, 2011

35. Avoiding
Assumptions
Wednesday, May 18, 2011

36. Do almost
nothing.
Wednesday, May 18, 2011

37. user model
e-mail verify
fancy
JUST IDENTITY
Wednesday, May 18, 2011

38. /auth/identity
/auth/identity/callback
/auth/identity/register
Wednesday, May 18, 2011

39. Identity in action?
Socialspring
Passport
Wednesday, May 18, 2011

40. Requirements
• Social and traditional auth
• Strict e-mail verification
• Multiple e-mails, multiple authentications
per user
• Flexible enough to work with LDAP etc. for
behind-the-firewall installs
• Automatic account creation based on
confirmed email domains
Wednesday, May 18, 2011

41. Let’s see what
happens...
Wednesday, May 18, 2011

42. [ livecoding ]
Wednesday, May 18, 2011

43. OmniAuth as
your only auth*
*if you like it that way, like I do.
Wednesday, May 18, 2011

44. OmniAuth as a
Framework
Wednesday, May 18, 2011

45. Perception
Perception
Wednesday, May 18, 2011

46. image via stopdropandrew.com
Let’s kill the magic.
Wednesday, May 18, 2011

47. Reality
Wednesday, May 18, 2011

48. The Guts
• OmniAuth is just middleware
• Each provider is a strategy
• Each strategy is a class
• Each strategy has phases:
• Request Phase
• Callback Phase
Wednesday, May 18, 2011

49. The User Info Hash
{
“provider”
=>
“friendface”,
“uid”
=>
“123456”,
“user_info”
=>
{
“nickname”
=>
“mbleigh”,
“name”
=>
“Michael
Bleigh”,
“email”
=>
“michael@intridea.com”
},
“credentials”
=>
{
“token”
=>
“120942310491asfas-­‐213-­‐0123”
}
}
Wednesday, May 18, 2011

50. The Bare Minimum
{
“provider”
=>
“minimal”,
“uid”
=>
“123456”,
“user_info”
=>
{
“name”
=>
“Michael
Bleigh”
}
}
Wednesday, May 18, 2011

51. Request Phase
/auth/:provider
• Requests information of the user
• For OAuth, redirects to provider
• For OpenID, requests URL
• For LDAP, requests user/pass
Wednesday, May 18, 2011

52. Callback Phase
/auth/:provider/callback
• Creates the user info hash
• For OAuth, grabs and uses access
token to fetch user info
• For OpenID, parses the response
• For LDAP, retrieves directory info
Wednesday, May 18, 2011

53. Enough talk.
Let’s BUILD!
Wednesday, May 18, 2011

54. [ livecoding ]
Wednesday, May 18, 2011

55. Future!
The what’s next of OmniAuth
Wednesday, May 18, 2011

56. Fostering
Contribution
Wednesday, May 18, 2011

57. Testing
Wednesday, May 18, 2011

58. Y U NO HAVE TESTS?
Wednesday, May 18, 2011

59. API Calls with remote site
interaction and credential
requirements.
To 40+ different sites.
Wednesday, May 18, 2011

60. I had to choose:
Test it all, or
release it ever.
Wednesday, May 18, 2011

61. Testing is
priority #1
going forward.
Wednesday, May 18, 2011

62. SUP DAWG I HEARD YOU LIKE TESTING GEMS
SO I MADE A GEM TO TEST YOUR GEM AND WROTE
TESTS FOR IT SO YOU CAN TEST MY GEM FOR
TESTING YOUR GEM WHILE YOU TEST YOUR GEM
Wednesday, May 18, 2011

63. Help me. Please.
Wednesday, May 18, 2011

64. Documentation
(for contributors)
Wednesday, May 18, 2011

65. Convenience
Wednesday, May 18, 2011

66. Massaging
Pain Points
Wednesday, May 18, 2011

67. Rails Integration
(via a separate gem)
Wednesday, May 18, 2011

68. Documentation
(for users)
Wednesday, May 18, 2011

69. Moar Strategies
(written by not me)
Wednesday, May 18, 2011

70. Moar Suggestions!
Wednesday, May 18, 2011

71. Thanks! Questions?
http://spkr8.com/t/7512
@mbleigh @intridea
github.com/intridea/omniauth
Wednesday, May 18, 2011