1. agile.open.connectedLost In OAuth?
Learn Velruse And Get Your Life Back! Andrew Mleczko
Wednesday, 3 July 2013

2. Andrew Mleczko
Python Dev
RedTurtle - Italy - Poland
amleczko@redturtle.it
@amleczko
www.redturtle.it
Andrew Mleczko
Wednesday, 3 July 2013

3. What is OAuth?
Wednesday, 3 July 2013

4. “OAuth is an open standard
for authorization.”
wikipedia
Wednesday, 3 July 2013

5. Lack of anonymity
Lack of market saturation
Phishing
Data misuseBad precedents
Wednesday, 3 July 2013

6. This talk is not about it!
Wednesday, 3 July 2013

7. velruse
Wednesday, 3 July 2013

8. Ben Bangert
@benbangert
https://github.com/bbangert/velruse
http://pythonhosted.org/velruse
Wednesday, 3 July 2013

9. velruse
Wednesday, 3 July 2013

10. minimal configuration use
or
as a stand-alone service
pyramid plugin
Wednesday, 3 July 2013

11. simple request schema
/{provider}/login
Wednesday, 3 July 2013

12. as a service
[app:velruse]
use = egg:velruse
endpoint = http://example.com/logged_in
provider.facebook.consumer_key = 441361239240193
provider.facebook.consumer_secret = 52ef2618a1999eeec6d9c
provider.facebook.scope = email
...
Wednesday, 3 July 2013

13. handling login
# sample callback view in flask
@app.route('/logged_in', methods=['POST'])
def login_callback():
# token is stored in the form data
token = request.form['token']
return render_template('result.html', result=token)
# sample callback view in flask
@app.route('/logged_in', methods=['POST'])
def login_callback():
token = request.form['token']
# the request must contain 'format' and 'token' params
payload = {'format': 'json', 'token': token}
# sending a GET request to /auth_info
response = requests.get(request.host_url + 'velruse/auth_info', params=payload)
auth_info = response.json
return render_template('result.html', result=auth_info)
Wednesday, 3 July 2013

14. as a pyramid plugin
[app:main]
use = egg:myapp
pyramid.includes = velruse.providers.facebook
velruse.facebook.consumer_key = 441361239240193
velruse.facebook.consumer_secret = 52ef2618a1999eeec6d9c
velruse.facebook.scope = email
...
Wednesday, 3 July 2013

15. handling login
@view_config(
context='velruse.AuthenticationComplete',
renderer='myapp:templates/result.mako',
)
def login_complete_view(request):
context = request.context
result = {
'provider_type': context.provider_type,
'provider_name': context.provider_name,
'profile': context.profile,
'credentials': context.credentials,
}
return {'result': json.dumps(result, indent=4)}
@view_config(
context='velruse.providers.facebook.FacebookAuthenticationComplete',
renderer='myapp:templates/result.mako',
)
def fb_login_complete_view(request):
pass
Wednesday, 3 July 2013

16. velruse providers
Wednesday, 3 July 2013

17. Google OAuth2 example
[app:velruse]
use = egg:velruse
endpoint = http://example.com/logged_in
provider.google.consumer_key = 441361239240193
provider.google.consumer_secret = 52ef2618a1999eeec6d9c
Wednesday, 3 July 2013

18. alfresco example
github.com/RedTurtle/
pyramid_alfresco
[app:main]
use = egg:myapp
pyramid.includes = pyramid_alfresco.oauth
alfresco.consumer_key = 441361239240193
alfresco.consumer_secret = 52ef2618a1999eeec6d9c
Wednesday, 3 July 2013

19. alfresco example
class AlfrescoProvider(object):
def login(self, request):
"""Initiate a alfresco login"""
scope = request.POST.get('scope', self.scope)
gh_url = flat_url(
'%s://%s/auth/oauth/versions/2/authorize' % (self.protocol, self.domain),
scope=scope,
response_type='code',
client_id=self.consumer_key,
redirect_uri=request.route_url(self.callback_route),
state=state)
return HTTPFound(location=gh_url)
Wednesday, 3 July 2013

20. alfresco example
class AlfrescoProvider(object):
...
def callback(self, request):
"""Process the alfresco redirect"""
sess_state = request.session.get('state')
req_state = request.GET.get('state')
access_url = flat_url('%s://%s/auth/oauth/versions/2/token' % (self.protocol, self.domain))
payload = {}
payload['client_id'] = self.consumer_key,
payload['client_secret'] = self.consumer_secret,
r = requests.post(access_url,data=payload)
cred = {'access_token': r.json()['access_token'],
'refresh_token': r.json()['refresh_token']}
return AlfrescoAuthenticationComplete(profile=profile,
credentials=cred,
provider_name=self.name,
provider_type=self.type)
Wednesday, 3 July 2013

21. plone example
github.com/RedTurtle/
pas.plugins.velruse
Wednesday, 3 July 2013

22. plone example
github.com/RedTurtle/
pas.plugins.velruse
[app:main]
use = egg:myapp
pyramid.includes =
velruse.providers.facebook
velruse.providers.google
velruse.providers.twitter
velruse.facebook.consumer_key = 441361239240193
velruse.facebook.consumer_secret = 52ef2618a1999eeec6d9c
velruse.facebook.scope = email
velruse.twitter.consumer_key = 6453756375687365736
velruse.twitter.consumer_secret = 563475384g5yg4f5g3g85345f33ff34f
velruse.google.consumer_key = 72342425845745453534535353464535432
velruse.google.consumer_secret = hdfusdg76f78gaftsdf5s6d7f4sd5g4f
Wednesday, 3 July 2013

23. Grazie. Thank you.
Wednesday, 3 July 2013

24. Questions ?
Andrew Mleczko
Python Dev
Plone Framework Team
amleczko@redturtle.it
tw: @amleczko
Wednesday, 3 July 2013