Dirk: link to Writing an OAuth Provider Service (thanks @lornajane)

2011-03-22T10:27:15Z

link to Writing an OAuth Provider Service (thanks @lornajane)

Dirk: GSoC idea: full remote auth with OpenID and OAuth

2011-02-26T16:00:23Z

GSoC idea: full remote auth with OpenID and OAuth

New page

<center>(This is an idea page for the [[Google Summer of Code]])</center>

= Incentive =

Implement Remote Authentication using OpenID and OAuth such that a Geeklog site can act both as a consumer and as a provider. In other words, allow users to log into a Geeklog site using OpenID or OAuth and allow a Geeklog site to act as a provider of OpenID and OAuth such that you can log into other sites with the accounts from your Geeklog site.

== What's there ==

* Geeklog currently accepts [[OpenID|OpenID 1.1]] logins, i.e. using an OpenID from some other provider.
* As of Geeklog 1.8.0, there will be support for [[OAuth]] logins using your Twitter, Facebook, or LinkedIn account.
* From an [[SoC full openid support|earlier GSoC project]], we have a library that supports OpenID 2.0 - both the consumer and the provider side. It has not been integrated into Geeklog yet.

== What's missing ==

# A first obvious step would be to replace the existing OpenID 1.1 code with the OpenID 2.0 consumer code
# Review the current OpenID and OAuth consumer concept
#* Do we want to be able to restrict the services from which we accept logins?
#* OAuth support for Twitter, Facebook, and LinkedIn is currently hard-coded. This should probably be more flexible, such that you can add/remove services (sort of like the code we have for [[Remote Authentication]]).
# We need a concept for playing the role of an OpenID and OAuth provider
# Implement OpenID provider support (since the code is already there)
# Implement OAuth provider support (new code required)

= Goals =

Other than the obvious goals stated above, this project should be used to clean up the various bits and pieces around Geeklog's "native" Remote Authentication, OpenID, and OAuth support such that it is more consistent and easier to understand for both users and site administrators.
* easy and consistent configuration
* allow users to associate their account with the other login methods
* review related settings under "My Account" - some should not be available when using remote authentication
* review / redesign login forms

= Level of Difficulty =

''medium'' to ''hard''

The part allowing Geeklog to act as an OAuth provider would have to be implemented from scratch. All new and existing code would have to be reviewed for security issues.

Student should be familiar with OpenID and/or OAuth.

[[Category:Summer of Code]] [[Category:Development]]

← Older revision		Revision as of 10:27, 22 March 2011
Line 38:		Line 38:

	Student should be familiar with OpenID and/or OAuth.		Student should be familiar with OpenID and/or OAuth.
		+
		+
		+	= Further Reading =
		+
		+	* [http://toys.lerdorf.com/archives/55-Writing-an-OAuth-Provider-Service.html Writing an OAuth Provider Service]


	[[Category:Summer of Code]] [[Category:Development]]		[[Category:Summer of Code]] [[Category:Development]]

SoC Remote Authentication with OpenID and OAuth - Revision history

Dirk: link to Writing an OAuth Provider Service (thanks @lornajane)

Dirk: GSoC idea: full remote auth with OpenID and OAuth