Upload
michael-bleigh
View
118
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Slides associated with RailsConf 2011 presentation on OmniAuth.
Citation preview
OmniAuth: From the Ground Up
Michael Bleigh / RailsConf 2011
Wednesday, May 18, 2011
Michael Bleigh
Wednesday, May 18, 2011
@mbleigh
Wednesday, May 18, 2011
@intridea
Wednesday, May 18, 2011
OmniAuthgithub.com/intridea/omniauth
Wednesday, May 18, 2011
Wednesday, May 18, 2011
OmniAuth!github.com/intridea/omniauth
Wednesday, May 18, 2011
Login withanything
Wednesday, May 18, 2011
Assumenothing*
*plus or minus a few small assumptions
Wednesday, May 18, 2011
Past.Present.Future.
Wednesday, May 18, 2011
Past!The why of OmniAuth
Wednesday, May 18, 2011
Why are there so many #&@$! authentication
libraries?
Wednesday, May 18, 2011
deviseauthlogicclearance
sorceryrestful-authentication,
and so on...
Wednesday, May 18, 2011
Assumptions.
Wednesday, May 18, 2011
I only need one User model.
Users will sign up and provide a password.
Only e-mail can validate users.
I only need one authentication method.
I’m only going to use Rails in my app.
I don’t have variable deploy targets.
I don’t want to customize much.
Wednesday, May 18, 2011
Wednesday, May 18, 2011
Wednesday, May 18, 2011
Can we do better?
Wednesday, May 18, 2011
We need a single,normalized system
for authentication.
Wednesday, May 18, 2011
I Need Auth
User Info
MAGIC!
Wednesday, May 18, 2011
OmniAuthWednesday, May 18, 2011
March 30, 2010 First Commit
October 1, 2010 0.1.0 (public release)
It takes a while to make easy things.
Wednesday, May 18, 2011
October 1, 2010
0.1.010 providers,
3 contributors
Wednesday, May 18, 2011
April 21, 2011
0.2.336 providers,
52 contributors
Wednesday, May 18, 2011
Today
master47 providers,
76 contributors
Wednesday, May 18, 2011
Wednesday, May 18, 2011
Present!The now of OmniAuth
Wednesday, May 18, 2011
Wednesday, May 18, 2011
Good News!We’re living in
the future*
*or an unrealeased git branch beta thereof
Wednesday, May 18, 2011
gem ‘omniauth’, :git => ‘git://github.com/intridea/omniauth.git’, :branch => ‘1.0-beta’
Wednesday, May 18, 2011
@sferik
Wednesday, May 18, 2011
“...has commit access to just about every repo on GitHub”
- Josh Kalderimis
Wednesday, May 18, 2011
oa-identityLogin and Password with
OmniAuth Philosophy
Wednesday, May 18, 2011
Inevitable, but difficult.
Wednesday, May 18, 2011
Avoiding Assumptions
Wednesday, May 18, 2011
Do almost nothing.
Wednesday, May 18, 2011
user modele-mail verify
fancyJUST IDENTITY
Wednesday, May 18, 2011
/auth/identity
/auth/identity/callback
/auth/identity/register
Wednesday, May 18, 2011
Identity in action?
SocialspringPassport
Wednesday, May 18, 2011
Requirements• Social and traditional auth
• Strict e-mail verification
• Multiple e-mails, multiple authentications per user
• Flexible enough to work with LDAP etc. for behind-the-firewall installs
• Automatic account creation based on confirmed email domains
Wednesday, May 18, 2011
Let’s see what happens...
Wednesday, May 18, 2011
[ livecoding ]
Wednesday, May 18, 2011
OmniAuth as your only auth*
*if you like it that way, like I do.
Wednesday, May 18, 2011
OmniAuth as a Framework
Wednesday, May 18, 2011
Perception
Perception
Wednesday, May 18, 2011
Let’s kill the magic.
image via stopdropandrew.com
Wednesday, May 18, 2011
Reality
Wednesday, May 18, 2011
The Guts
• OmniAuth is just middleware
• Each provider is a strategy
• Each strategy is a class
• Each strategy has phases:
• Request Phase
• Callback Phase
Wednesday, May 18, 2011
The User Info Hash{ “provider” => “friendface”, “uid” => “123456”, “user_info” => { “nickname” => “mbleigh”, “name” => “Michael Bleigh”, “email” => “[email protected]” }, “credentials” => { “token” => “120942310491asfas-‐213-‐0123” }}
Wednesday, May 18, 2011
The Bare Minimum
{ “provider” => “minimal”, “uid” => “123456”, “user_info” => { “name” => “Michael Bleigh” }}
Wednesday, May 18, 2011
Request Phase
• Requests information of the user
• For OAuth, redirects to provider
• For OpenID, requests URL
• For LDAP, requests user/pass
/auth/:provider
Wednesday, May 18, 2011
Callback Phase
• Creates the user info hash
• For OAuth, grabs and uses access token to fetch user info
• For OpenID, parses the response
• For LDAP, retrieves directory info
/auth/:provider/callback
Wednesday, May 18, 2011
Enough talk.Let’s BUILD!
Wednesday, May 18, 2011
[ livecoding ]
Wednesday, May 18, 2011
Future!The what’s next of OmniAuth
Wednesday, May 18, 2011
Fostering Contribution
Wednesday, May 18, 2011
Testing
Wednesday, May 18, 2011
Y U NO HAVE TESTS?
Wednesday, May 18, 2011
API Calls with remote site interaction and credential
requirements.
To 40+ different sites.
Wednesday, May 18, 2011
I had to choose:Test it all, or
release it ever.
Wednesday, May 18, 2011
Testing is priority #1
going forward.
Wednesday, May 18, 2011
SUP DAWG I HEARD YOU LIKE TESTING GEMS
SO I MADE A GEM TO TEST YOUR GEM AND WROTE TESTS FOR IT SO YOU CAN TEST MY GEM FOR
TESTING YOUR GEM WHILE YOU TEST YOUR GEMWednesday, May 18, 2011
Help me. Please.
Wednesday, May 18, 2011
Documentation(for contributors)
Wednesday, May 18, 2011
Convenience
Wednesday, May 18, 2011
MassagingPain Points
Wednesday, May 18, 2011
Rails Integration (via a separate gem)
Wednesday, May 18, 2011
Documentation (for users)
Wednesday, May 18, 2011
Moar Strategies(written by not me)
Wednesday, May 18, 2011
Moar Suggestions!
Wednesday, May 18, 2011
Thanks! Questions?
@mbleigh @intrideagithub.com/intridea/omniauth
http://spkr8.com/t/7512
Wednesday, May 18, 2011