Presentation is loading. Please wait.

Presentation is loading. Please wait.

TF-EMC2 Tuesday, February 15 th, 2011 Brook Schofield Project Development Officer Slide 1.

Published byLouisa Walker Modified over 9 years ago

Similar presentations

Presentation on theme: "TF-EMC2 Tuesday, February 15 th, 2011 Brook Schofield Project Development Officer Slide 1."— Presentation transcript:

1 TF-EMC2 Tuesday, February 15 th, 2011 Brook Schofield Project Development Officer brook@terena.org www.terena.org Slide 1

2 ›LinkedIn ›Business/Professional Contact Directory ›OAuth ›MySpace ›2 nd Place to Facebook ›OAuth ›Windows Live ID (Messanger Connect) ›Big User Base (Hotmail, MSN) ›Tried OpenID (then stopped) ›Uses OAuth-WRAP (prelude to OAuth 2.0) Slide 2

3 ›I’ve previously patched Twitter + Facebook › Copy + Paste Andreas’ authtwitter module ›…but Twitter is sloppy! ›OAuth handling is very lax ›authtwitter is a bad example :-( ›Shared Data Structure came back to bite me. ›LinkedIn is very strict! ›Two main components for an authsource ›lib/source/AuthSource.php ›authenticate() and finalStep() ›linkback.php ›Calls finalStep() Slide 3

4 ›2 nd big Social Networking Platform. ›Just opened an Australian office. ›Wasn’t for Sale. Slide 4

5 ›Very good dev tools + REST web client. Slide 5

6 ›OAuth ›…but very strict ›Required POST rather than GET + HEADERS Slide 6

7 Slide 7

8 ›https://api.linkedin.com/uas/oauth/requestTokenhttps://api.linkedin.com/uas/oauth/requestToken ›POST (current code uses a GET) ›Callback should be here! ›https://www.linkedin.com/uas/oauth/authentica te?oauth_token=94ab03c4-ae2c-45e4-8732- 0e6c4899db63https://www.linkedin.com/uas/oauth/authentica te?oauth_token=94ab03c4-ae2c-45e4-8732- 0e6c4899db63 ›REDIRECT ›Twitter puts the Callback here :-( ›https://api.linkedin.com/uas/oauth/accessTokenhttps://api.linkedin.com/uas/oauth/accessToken ›POST (current code uses a GET) ›https://api.linkedin.com/v1/people/~https://api.linkedin.com/v1/people/~ ›GET (API to return user data) ›Set Header: x-li-format: json for JSON response Slide 8

9 ›AKA Messenger Connect Slide 9

10 Slide 10

11 ›50k PHP Library from Microsoft – but replaced it with… ›$authorizeURL = 'https://consent.live.com/Connect.aspx' ›. '?wrap_client_id='. $this->key ›. '&wrap_callback='. ›urlencode(SimpleSAML_Module::getModuleUrl('authwindowslive') ›. '/linkback.php') ›. '&wrap_client_state='. urlencode($stateID) ›. '&wrap_scope=WL_Profiles.View,Messenger.SignIn’ ›; ›parse_str($result, $response); Slide 11

12 ReturnedGenerated Myspace: displayName, hasApp, id, msUserType, familyName, givenName, profileUrl, thumbnailUrl LinkedIn: summary, headline, id, lastName, specialties, pictureUrl, firstName Windows Live ID: BaseUri, Id, SelfLink, Title, Updated, AllContactsLink, Cid, FirstName, LastName MyActivitiesLink, StatusMessageLink, UxLink, _mail (generated format) _targetedID _uid _user _username Slide 12

13 Slide 13 ›Not unless it’s in simpleSAMLphp ›TERENA Policy? ›Dyonisius Policy? ›Encourages Collaboration! ›If it’s good enough for TERENA it should be good enough for the community! ›Dyonisius will tell you later today how it works.

14 Slide 14 ›Why no Generic OAuth? ›Data APIs too specific ›OpenID 3.0 Connect ›OpenID 2.0 isn’t really there either. ›OAuth 2.0 ›Facebook Graph API

15 Slide 15

16 brook@terena.org +31651553991 sip:schofield@terena.org skype://brookschofield @BrookSchofield facebook.com/brook.schofield linkedin.com/in/brookschofield Slide 16

Download ppt "TF-EMC2 Tuesday, February 15 th, 2011 Brook Schofield Project Development Officer Slide 1."

Similar presentations

Overview of Twitter API Nathan Liu. Twitter API Essentials Twitter API is a Representational State Transfer(REST) style web services exposed over HTTP(S).

Overview of Twitter API Nathan Liu. Twitter API Essentials Twitter API is a Representational State Transfer(REST) style web services exposed over HTTP(S).
EIFL Thursday, December 15 th, 2011 Brook Schofield Project Development Officer Slide 1.

EIFL Thursday, December 15 th, 2011 Brook Schofield Project Development Officer Slide 1.
Using Evernote and Google Docs in your web or mobile application (and potentially Dropbox and Skydrive) By Peter Messenger Senior Developer – Triple Point.

Using Evernote and Google Docs in your web or mobile application (and potentially Dropbox and Skydrive) By Peter Messenger Senior Developer – Triple Point.
Blogs, Wikis, and other Foreign- sounding Tools of the Internet Using Web 2.0 in our Tribal Libraries.

Blogs, Wikis, and other Foreign- sounding Tools of the Internet Using Web 2.0 in our Tribal Libraries.
Cross-linking Folksonomies Harith Alani. Multiple SNS Accounts del.icio.us.

Cross-linking Folksonomies Harith Alani. Multiple SNS Accounts del.icio.us.
Patterns & practices Symposium 2013 Windows Azure Active Directory Vittorio

Patterns & practices Symposium 2013 Windows Azure Active Directory Vittorio
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
Building Social Web Apps in ASP.NET. First HalfSecond Half (01)What’s New in ASP.NET 4.5 (60 mins)** MEAL BREAK ** (02) Building and Deploying Websites.

Building Social Web Apps in ASP.NET. First HalfSecond Half (01)What’s New in ASP.NET 4.5 (60 mins)** MEAL BREAK ** (02) Building and Deploying Websites.
TERENA TF-EMC2 15 feb 2011 Dyonisius Visser

TERENA TF-EMC2 15 feb 2011 Dyonisius Visser
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
Active Directory federation user provisioning.

Active Directory federation user provisioning.
Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.

Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.
Introduction 1 Lecture 7 Application Layer (FTP, e-mail) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.

Introduction 1 Lecture 7 Application Layer (FTP, ) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.
Remote Assistance  Using this program you can allow someone to work on your computer, chat with you and view your screen with your permission  The other.

Remote Assistance  Using this program you can allow someone to work on your computer, chat with you and view your screen with your permission  The other.
Introduction 1-1 Chapter 2 FTP & Email Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.

Introduction 1-1 Chapter 2 FTP & Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.
18 th TF-EMC2. WebEx, June 2011 Diego R. Lopez, RedIRIS On the Many Ways to Identity Exchange (Again) Digital identities are more valuable as they are.

18 th TF-EMC2. WebEx, June 2011 Diego R. Lopez, RedIRIS On the Many Ways to Identity Exchange (Again) Digital identities are more valuable as they are.
Today, global enterprises run on Windows Server Active Directory 90% of US enterprises and 70% of international corporations use Active Directory.

Today, global enterprises run on Windows Server Active Directory 90% of US enterprises and 70% of international corporations use Active Directory.
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control Maarten

OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control Maarten
Beyond the UI Using Tools to Improve Testing Jeremy Traylor

Beyond the UI Using Tools to Improve Testing Jeremy Traylor
SUNY Polytechnic Institute CS 490 – Web Design, AJAX, jQuery Web Services A web service is a software system that supports interaction (requesting data,

SUNY Polytechnic Institute CS 490 – Web Design, AJAX, jQuery Web Services A web service is a software system that supports interaction (requesting data,

Similar presentations

Ads by Google