Lost in OAuth? Learn Velruse and Get Your Life Back

agile.open.connected Lost In OAuth? Learn Velruse And Get Your Life Back! Andrew Mleczko Wednesday, 3 July 2013


Transcript of Lost in OAuth? Learn Velruse and Get Your Life Back

Page 1: Lost in o auth? learn velruse and get your life back

agile.open.connected

Lost In OAuth? Learn Velruse And Get Your Life Back!

Andrew Mleczko


Page 2: Lost in o auth? learn velruse and get your life back

Andrew Mleczko

Python Dev

RedTurtle - Italy - Poland

[email protected]

@amleczko

www.redturtle.it


Page 3: Lost in o auth? learn velruse and get your life back

What is OAuth?


Page 4: Lost in o auth? learn velruse and get your life back

“OAuth is an open standard for authorization.”

wikipedia


Page 5: Lost in o auth? learn velruse and get your life back

Lack of anonymity

Lack of market saturation

Phishing

Data misuse

Bad precedents


Page 6: Lost in o auth? learn velruse and get your life back

This talk is not about it!

Page 7: Lost in o auth? learn velruse and get your life back

velruse

Page 8: Lost in o auth? learn velruse and get your life back

Ben Bangert

@benbangert

https://github.com/bbangert/velruse

http://pythonhosted.org/velruse


Page 9: Lost in o auth? learn velruse and get your life back

velruse

Page 10: Lost in o auth? learn velruse and get your life back

minimal configuration

use as a stand-alone service or pyramid plugin


Page 11: Lost in o auth? learn velruse and get your life back

simple request schema

/{provider}/login


Page 12: Lost in o auth? learn velruse and get your life back

as a service

[app:velruse]
use = egg:velruse

endpoint = http://example.com/logged_in
provider.facebook.consumer_key = 441361239240193
provider.facebook.consumer_secret = 52ef2618a1999eeec6d9c
provider.facebook.scope = email
...


Page 13: Lost in o auth? learn velruse and get your life back

handling login

from flask import Flask, render_template, request
import requests

app = Flask(__name__)

# sample callback view in Flask
@app.route('/logged_in', methods=['POST'])
def login_callback():
    # token is stored in the form data
    token = request.form['token']
    return render_template('result.html', result=token)

# sample callback view in Flask
@app.route('/logged_in', methods=['POST'])
def login_callback():
    token = request.form['token']

    # the request must contain 'format' and 'token' params
    payload = {'format': 'json', 'token': token}
    # sending a GET request to /auth_info
    response = requests.get(request.host_url + 'velruse/auth_info', params=payload)
    # json() is a method call in requests 1.0 and later
    auth_info = response.json()
    return render_template('result.html', result=auth_info)


Page 14: Lost in o auth? learn velruse and get your life back

as a pyramid plugin

[app:main]
use = egg:myapp
pyramid.includes = velruse.providers.facebook
velruse.facebook.consumer_key = 441361239240193
velruse.facebook.consumer_secret = 52ef2618a1999eeec6d9c
velruse.facebook.scope = email
...


Page 15: Lost in o auth? learn velruse and get your life back

handling login

import json

from pyramid.view import view_config

# generic view: runs for any provider that completes authentication
@view_config(
    context='velruse.AuthenticationComplete',
    renderer='myapp:templates/result.mako',
)
def login_complete_view(request):
    context = request.context
    result = {
        'provider_type': context.provider_type,
        'provider_name': context.provider_name,
        'profile': context.profile,
        'credentials': context.credentials,
    }
    return {'result': json.dumps(result, indent=4)}

# provider-specific view: runs only for a completed Facebook login
@view_config(
    context='velruse.providers.facebook.FacebookAuthenticationComplete',
    renderer='myapp:templates/result.mako',
)
def fb_login_complete_view(request):
    pass


Page 16: Lost in o auth? learn velruse and get your life back

velruse providers


Page 17: Lost in o auth? learn velruse and get your life back

Google OAuth2 example

[app:velruse]
use = egg:velruse

endpoint = http://example.com/logged_in

provider.google.consumer_key = 441361239240193
provider.google.consumer_secret = 52ef2618a1999eeec6d9c


Page 18: Lost in o auth? learn velruse and get your life back

alfresco example

github.com/RedTurtle/pyramid_alfresco

[app:main]
use = egg:myapp
pyramid.includes = pyramid_alfresco.oauth
alfresco.consumer_key = 441361239240193
alfresco.consumer_secret = 52ef2618a1999eeec6d9c


Page 19: Lost in o auth? learn velruse and get your life back

alfresco example

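import uuid

from pyramid.httpexceptions import HTTPFound
from velruse.utils import flat_url

class AlfrescoProvider(object):
    def login(self, request):
        """Initiate an alfresco login"""
        scope = request.POST.get('scope', self.scope)
        # random per-login state, kept in the session so callback() can check it
        request.session['state'] = state = uuid.uuid4().hex
        gh_url = flat_url(
            '%s://%s/auth/oauth/versions/2/authorize' % (self.protocol, self.domain),
            scope=scope,
            response_type='code',
            client_id=self.consumer_key,
            redirect_uri=request.route_url(self.callback_route),
            state=state)
        return HTTPFound(location=gh_url)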


Page 20: Lost in o auth? learn velruse and get your life back

alfresco example

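import requests

from velruse.exceptions import CSRFError

class AlfrescoProvider(object):
...
    def callback(self, request):
        """Process the alfresco redirect"""
        # the state saved by login() must match the one the provider echoes back
        sess_state = request.session.pop('state', None)
        req_state = request.GET.get('state')
        if not sess_state or sess_state != req_state:
            raise CSRFError('state mismatch in the alfresco callback')
        access_url = flat_url('%s://%s/auth/oauth/versions/2/token' % (self.protocol, self.domain))
        payload = {}
        # no trailing commas: they would store 1-tuples instead of strings
        payload['client_id'] = self.consumer_key
        payload['client_secret'] = self.consumer_secret
        # sending the authorization code and building `profile` are not shown on the slide
        r = requests.post(access_url, data=payload)
        cred = {'access_token': r.json()['access_token'],
                'refresh_token': r.json()['refresh_token']}
        return AlfrescoAuthenticationComplete(profile=profile,
                                              credentials=cred,
                                              provider_name=self.name,
                                              provider_type=self.type)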
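
The login and callback slides send a state value to the provider and read it back from both the session and the query string. The following framework-free sketch of that round trip is an added example, not code from the talk, velruse or pyramid_alfresco. The names begin_login, verify_callback, CallbackRejected and state_from_url, the alfresco.example host and the sample values are all assumptions, and a plain dict stands in for the web session.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Placeholder host; the path is the one shown on the slide.
AUTHORIZE_URL = "https://alfresco.example/auth/oauth/versions/2/authorize"


class CallbackRejected(Exception):
    """The callback did not carry the state issued at login."""


def begin_login(session, client_id, redirect_uri, scope):
    """Store a fresh state in the session and return the authorize URL."""
    state = secrets.token_urlsafe(32)
    session["state"] = state
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
    })
    return AUTHORIZE_URL + "?" + query


def verify_callback(session, params):
    """Return the authorization code only if the state round-tripped."""
    # pop() makes the state single-use, so a replayed callback cannot match.
    expected = session.pop("state", None)
    received = params.get("state")
    if not expected or not received:
        raise CallbackRejected("state missing from session or request")
    # Compare as bytes in constant time.
    if not hmac.compare_digest(expected.encode(), received.encode()):
        raise CallbackRejected("state does not match the one issued at login")
    return params.get("code")


def state_from_url(url):
    """Demo helper: read back the state placed in the authorize URL."""
    return parse_qs(urlparse(url).query)["state"][0]


if __name__ == "__main__":
    session = {}  # a plain dict stands in for the web session
    url = begin_login(session, "constructed-client-id", "https://app.example/cb", "email")
    print(verify_callback(session, {"state": state_from_url(url), "code": "constructed-code"}))
```

A callback that arrives without a prior login, with a different state, or a second time with the same state raises CallbackRejected before any token request is made.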


Page 21: Lost in o auth? learn velruse and get your life back

plone example

github.com/RedTurtle/pas.plugins.velruse


Page 22: Lost in o auth? learn velruse and get your life back

plone example

github.com/RedTurtle/pas.plugins.velruse

[app:main]
use = egg:myapp
pyramid.includes =
    velruse.providers.facebook
    velruse.providers.google
    velruse.providers.twitter
velruse.facebook.consumer_key = 441361239240193
velruse.facebook.consumer_secret = 52ef2618a1999eeec6d9c
velruse.facebook.scope = email
velruse.twitter.consumer_key = 6453756375687365736
velruse.twitter.consumer_secret = 563475384g5yg4f5g3g85345f33ff34f
velruse.google.consumer_key = 72342425845745453534535353464535432
velruse.google.consumer_secret = hdfusdg76f78gaftsdf5s6d7f4sd5g4f


Page 23: Lost in o auth? learn velruse and get your life back

Grazie. Thank you.


Page 24: Lost in o auth? learn velruse and get your life back

Questions?

Andrew Mleczko

Python Dev

Plone Framework [email protected] tw: @amleczko
