tf-emc2 tuesday, february 15 th, 2011 brook schofield project development officer brook@terena.org ...

Post on 17-Dec-2015

216 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

TF-EMC2Tuesday, February 15th, 2011

Brook Schofield

Project Development Officer

brook@terena.org

www.terena.org

Slide 1

› LinkedIn› Business/Professional Contact Directory› OAuth

› MySpace› 2nd Place to Facebook› OAuth

› Windows Live ID (Messanger Connect)› Big User Base (Hotmail, MSN)› Tried OpenID (then stopped)› Uses OAuth-WRAP (prelude to OAuth 2.0)

Slide 2

› I’ve previously patched Twitter + Facebook› Copy + Paste Andreas’ authtwitter module› …but Twitter is sloppy!

› OAuth handling is very lax› authtwitter is a bad example :-( › Shared Data Structure came back to bite me.› LinkedIn is very strict!

› Two main components for an authsource› lib/source/AuthSource.php

› authenticate() and finalStep()› linkback.php

› Calls finalStep()

Slide 3

› 2nd big Social Networking Platform.› Just opened an Australian office.› Wasn’t for Sale.

Slide 4

› Very good dev tools + REST web client.

Slide 5

› OAuth› …but very strict

› Required POST rather than GET + HEADERS

Slide 6

Slide 7

› https://api.linkedin.com/uas/oauth/requestToken› POST (current code uses a GET)› Callback should be here!

› https://www.linkedin.com/uas/oauth/authenticate?oauth_token=94ab03c4-ae2c-45e4-8732-0e6c4899db63› REDIRECT› Twitter puts the Callback here :-(

› https://api.linkedin.com/uas/oauth/accessToken› POST (current code uses a GET)

› https://api.linkedin.com/v1/people/~› GET (API to return user data)› Set Header: x-li-format: json for JSON response

Slide 8

› AKA Messenger Connect

Slide 9

Slide 10

› 50k PHP Library from Microsoft – but replaced it with…

› $authorizeURL = 'https://consent.live.com/Connect.aspx'› . '?wrap_client_id=' . $this->key› . '&wrap_callback=' . › urlencode(SimpleSAML_Module::getModuleUrl('authwindowslive') › . '/linkback.php')› . '&wrap_client_state=' . urlencode($stateID)› . '&wrap_scope=WL_Profiles.View,Messenger.SignIn’› ;

› parse_str($result, $response);Slide 11

Returned Generated

Myspace:displayName, hasApp, id, msUserType,familyName, givenName, profileUrl, thumbnailUrl

LinkedIn:summary, headline, id, lastName, specialties, pictureUrl, firstName

Windows Live ID:BaseUri, Id, SelfLink, Title, Updated, AllContactsLink, Cid, FirstName, LastNameMyActivitiesLink, StatusMessageLink, UxLink, _mail (generated format)

_targetedID_uid_user_username

Slide 12

Slide 13

› Not unless it’s in simpleSAMLphp› TERENA Policy?› Dyonisius Policy?

› Encourages Collaboration!› If it’s good enough for TERENA it should be good

enough for the community!

› Dyonisius will tell you later today how it works.

Slide 14

Slide 15

brook@terena.org

+31651553991

sip:schofield@terena.org

skype://brookschofield

@BrookSchofield

facebook.com/brook.schofield

linkedin.com/in/brookschofield

Slide 16

top related