[#78] Provide support for OAuth



Detailed description

OAuth is a protocol meant to allow third-party applications to get access to one server on behalf of a user without having to provide it with full user credentials.

It is quite convenient for providing clients with access to APIs on behalf of users.

It would be interesting to add such a mechanism in FusionForge in order to allow REST interfaces to benefit from it (see for instance the OSLC-CM feature request: #62).

General Information
Submitted by: Olivier Berger
Date Submitted: 2010-01-26 13:48
Last Modified by: Nobody
Last Modified: 2017-11-02 20:00
Permalink: https://fusionforge.org/tracker/a_follow.php/78
Internal Fields
Data Type: Feature requests
Assigned to: Madhumita Dhar (mdhar)
State: Open
Priority: 3
Extra Fields
Target release:
Follow-up tabs
Date: 2011-03-25 07:44
Sender: Olivier Berger

FYI, the code is committed on the trunk in the oauthprovider plugin.

Date: 2010-11-05 16:12
Sender: Madhumita Dhar

I've begun porting the OAuth plugin for Mantis to FusionForge. A copy of the code can be found here: http://forge.projet-coclico.org/scm/loggerhead/wp1/ff-oauth/files/head%3A/plugins/coclico/oauth/

Date: 2010-09-07 08:02
Sender: Olivier Berger

Thanks for the pointer, Alain. What's the conclusion (if you've read it, I haven't yet): OAuth is flawed or Twitter implemented it in a poor way?

Date: 2010-09-06 20:11
Sender: Alain Peyrat

An interesting article about OAuth, security & FOSS: http://arstechnica.com/security/guides/2010/09/twitter-a-case-study-on-how-to-do-oauth-wrong.ars/

Date: 2010-05-08 15:50
Sender: Olivier Berger

This may be implemented using the PHP OAuth lib written by Andy Smith (http://oauth.googlecode.com/svn/code/php/). Note that I've been working on implementing a similar feature for Mantis, and some reuse could be made, since it's PHP too ;). More details at: http://heliosplatform.svn.sourceforge.net/viewvc/heliosplatform/mantis-oslccm/trunk/mantisbt-oauth-plugin/OauthAuthz/

Date: 2010-02-17 08:49
Sender: Olivier Berger

We intend (as part of the COCLICO project) to provide such an initial implementation using SimpleSAMLphp's OAuth module. In addition to what was previously mentioned, there would also be the need for some new UIs for the management of pending requests, authorizations granted, consumers, etc.

Date: 2010-02-15 14:56
Sender: Olivier Berger

This would require, among other things, adding a store of "Clients" (/Consumers) that the forge recognizes (which would get granted some "client credentials" by users), and the corresponding management interface. More to follow ;)

No attached documents

No related commits.

Field: assigned_to
Old Value: none
Date: 2010-11-06 18:32
By: Olivier Berger

No relations found.