Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Lowering the barrier to building things with Mozillians.org data
15 views
Skip to first unread message
Dietrich Ayala
Jul 24, 2014, 5:36:04 PM7/24/14
to mozilla-dev-c...@lists.mozilla.org
Hi everyone,
I've looked at the API and auth scheme, and it's quite limiting to have to set up a server component just to hide the API key.
Adding something that worked entirely client-side like OAuth implicit flow to allow access to the basic level of public data (status, groups) for users that have toggled that setting for their profile would be fantastic for enabling client-side Web apps.
I would like to *easily* build apps and games to enable Mozillians to do things like discover each other and further Mozilla goals, using our own tools like AppMaker and to install and distribute them easily to Firefox and Firefox OS.
Any thoughts on whether this is possible?
I've looked at the API and auth scheme, and it's quite limiting to have to set up a server component just to hide the API key.
Adding something that worked entirely client-side like OAuth implicit flow to allow access to the basic level of public data (status, groups) for users that have toggled that setting for their profile would be fantastic for enabling client-side Web apps.
I would like to *easily* build apps and games to enable Mozillians to do things like discover each other and further Mozilla goals, using our own tools like AppMaker and to install and distribute them easily to Firefox and Firefox OS.
Any thoughts on whether this is possible?
Giorgos Logiotatidis
Jul 30, 2014, 10:41:57 AM7/30/14
to Dietrich Ayala, mozilla-dev-c...@lists.mozilla.org
Hi Dietrich,
We're actually in the middle of designing and coding the version 2 of
the API. A couple of features that are related to your requests:
* All users will be able to get instantly and easily an API key
* With this API key will have access to _public_ data of mozillians -
as you suggest- and therefore it's a key that can be distributed with
code. No need to create server side components to hide the key.
* For applications that need access to more detailed user data, owners
will have to required a key with more permissions, similarly to what
we have now.
* We're also looking into ways to support user authentication against
mozillians.org -possibly with OAuth- when using a 3rd party webapp.
Due to changes in mozillians.org team there is no clear ETA for APIv2
atm but you can follow the progress using tracker bug 1011209 [0].
Thanks for the valuable input.
Best,
Giorgos
[0] https://bugzilla.mozilla.org/show_bug.cgi?id=1011209
> dev-community-tools mailing list
> dev-commu...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-community-tools
--
Sent with my mu4e
William Reynolds
Jul 30, 2014, 5:31:30 PM7/30/14
to Giorgos Logiotatidis, Dietrich Ayala, mozilla-dev-c...@lists.mozilla.org
On 7/30/14, 7:41 AM, Giorgos Logiotatidis wrote:
> * We're also looking into ways to support user authentication against
> mozillians.org -possibly with OAuth- when using a 3rd party webapp.
I would like to learn more about this.
> * We're also looking into ways to support user authentication against
> mozillians.org -possibly with OAuth- when using a 3rd party webapp.
Dietrich, do you have any suggestions or references for how we can do this?
Dietrich Ayala
Jul 31, 2014, 5:20:26 PM7/31/14
to Giorgos Logiotatidis, mozilla-dev-c...@lists.mozilla.org
Thanks Giorgos!
> * With this API key will have access to _public_ data of mozillians -
> as you suggest- and therefore it's a key that can be distributed with
> code. No need to create server side components to hide the key.
This pretty much solves the basic problem of easily writing
client-only Web apps that use Mozillians.org public data.
I think the only use-case left then is user authentication for knowing
which Mozillan the user is. But it sounds like that's on your list
too, which is great!
> * With this API key will have access to _public_ data of mozillians -
> as you suggest- and therefore it's a key that can be distributed with
> code. No need to create server side components to hide the key.
client-only Web apps that use Mozillians.org public data.
I think the only use-case left then is user authentication for knowing
which Mozillan the user is. But it sounds like that's on your list
too, which is great!
Dietrich Ayala
Jul 31, 2014, 5:22:35 PM7/31/14
to William Reynolds, mozilla-dev-c...@lists.mozilla.org, Giorgos Logiotatidis
Really depends on the implementation of Mozillians.org, which I'm not
familiar with. There are various off-the-shelf toolkits for adding
OAuth support for the common Web development languages. Giorgos
probably knows more than I do about the options there.
familiar with. There are various off-the-shelf toolkits for adding
OAuth support for the common Web development languages. Giorgos
probably knows more than I do about the options there.
0 new messages