LDS I/O is Live!

[AJ ONeal (Home)]

I've moved everything over to production servers (much faster now) and pace of API development is slowing down (there shouldn't be any more breaking changes on the browser side), mostly focusing on UI libs now.

I've updated the code for these examples:

Authorization Code Strategy (Browser / Server) OAuth2/3:

* Node Backend: https://github.com/LDSorg/backend-oauth2-node-passport-example

  * Angular Frontend: https://github.com/LDSorg/frontend-oauth2-angular-seed-example

  * jQuery Frontend: https://github.com/LDSorg/frontend-oauth2-jquery-example

If you need to implement an OAuth2 or 3 strategy in another language, DO NOT HARD CODE the urls. Pull from ldsconnect.org/oauth3.json when your module is initialized.

Implicit Grant Strategy (Browser Only):

  * Angular Frontend: https://github.com/LDSorg/frontend-oauth2-browser-angular-seed-example

  * jQuery Frontend: https://github.com/LDSorg/frontend-oauth2-browser-jquery-example

  * Full Angular App: https://github.com/LDSorg/facecards.org-frontend

Choose your own adventure API access

Clone a backend of your choice:

  git clone https://github.com/LDSorg/backend-oauth2-node-passport-example ./my-backend

  pushd my-backend

  npm install

Clone the https certs into './certs':

  git clone https://github.com/LDSorg/local.ldsconnect.org-certificates.git ./certs

Clone any frontend into './public':

  git clone https://github.com/LDSorg/facecards.org-frontend ./public

  pushd ./public

  bower install

  popd

Start the server:

  node ./serve.js

Visit https://local.ldsconnect.org:8043

Register Apps and Publish Live

Your apps will be created in test mode. You can click the checkbox and save to publish them live:

https://lds.io/#/develop/

More on the way

* Angular library is complete (login, api, local caching), but not yet published

* app_scoped_id will be implemented so you can reference stuff on your server

* get a one-click AccessToken for your ward from the developer console on LDS I/O

* test tokens will be restricted to local.lds.io and local.ldsconnect.org

* jQuery library

* API Explorer

[randy....@gmail.com]

This is a ton of work! Trying to catch up. Hoping to write something that lets me connect from Elixir soon. Just need to get around to doing it & understanding the new OAuth3 stuff.

-- Randy

[AJ ONeal (Home)]

The OAuth3 is something I'm creating. It's 100% "backwards compatible".

It's OAuth2 but instead of saying "and every implementation is just different enough to make it not work with the code you already have" I'm saying "and you only need one implementation because they'll all use the exact same set of directives".

In this sense, any OAuth2 implementation can become an OAuth3 implementation simply by adding one file to the user-facing endpoint: oauth3.json

Then all of the private implementation details can be hidden.

For example:

ldsconnect.org's api is at lds.io, but all you need to know is ldsconnect.org/oauth3.json and the rest is transparent

facebook could become an OAuth3 provider simply by adding facebook.com/oauth3.json even though their api is *mostly* at graph.facebook.com/api/v2.

I also want to standardize some things that are "out in the wild" such as `granted_scopes`, `expires_at`, `app_scoped_id`, and other common helpful parameters that aren't in the spec, but that providers (i.e. facebook) use and are important for all implementors.

So as I continue I'll standardize "an oauth3 provider should do xyz this way", but I'll add directives to the oauth3.json spec so that any provider that has an "in house" implementation can map something like `token_valid_until` to `expires_at` so that an oauth3 consumer doesn't have to know "oh, they call theirs this and it's in epoch seconds instead of ISO timestamp".

If a provider doesn't have a mapping in their oauth3.json, you just assume it isn't supported.

The only piece of information you'll need with oauth3 is something you could easily present to end users in a form field:

Login website:

<input type="text" placeholder="ex: facebook.com"/>

<button type="submit">Login</button>

This is important for the home cloud system I'm working on because each user will have their own domain. I'm geeky, so I'll use coolaj86.com. Most people aren't, so they would use #{username}.daplie.com or #{username}@daplie.com or daplie.com/#{username} (however I decide to do it).

AJ ONeal

--
You received this message because you are subscribed to the Google Groups "LDS Connect" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lds-connect...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[AJ ONeal (Home)]

Ruby Backend:

  * https://github.com/LDSorg/backend-oauth2-ruby-sinatra-example

Firefox OS (fxos):

  * Angular: https://github.com/LDSorg/fxos-oauth2-angular-demo

  * jQuery: https://github.com/LDSorg/fxos-oauth2-jquery-demo

AJ ONeal