hybrid authentication - talking to major social networks
Post on 10-May-2015
Hybrid Authentication - Talking to major social networks
Md. Rayhan Chowdhury
Md. Rayhan Chowdhury | ray@raynux.com | phpXperts 2011
You have developed a Wow application, and you're sure everybody will like it.
Please register to taste our WOW Service?
Okay, cool, will try later...
How can you avoid this boring registration?
Hybrid Authentication
Login with Google Account
Login with Facebook
Login with Windows Live
User
It has Benefits too
Hassle free login/registration
More website users
Successful Business
More money
You
There is also a bonus!
You have access to user's social data, friend base
Isn't it too complex?
Cool! But ....
Is there any standard?
How to implement?
Yes, there is a standard, and it's so simple with OAuth 2.0
What is OAuth?
Stands for Open Authorization
Before OAuth: Google AuthSub, AOL OpenAuth, Yahoo BBAuth, Flickr API, Amazon Web Services API, FacebookAuth
First introduced in 2006
Designed for API access delegation
OAuth 2.0
Next evolution of OAuth 1.0
Easy to implement
More flows to support desktop and mobile and living room devices
Not backward compatible with OAuth 1.0
OAuth 2.0 flows are
User-Agent Flow
Web Server Flow
Device Flow
Username and Password Flow
Client Credentials Flow
Assertion Flow
How does OAuth 2.0 work?
[Diagram: Client (your website), Resource Owner, Authorization Server and Resource Server exchanging Authorization Request, Authorization Code, Request Access Token, Access Token and Protected Resource]
Web Flow – Implementation
Register your app @ https://code.google.com/apis/console/b/0/
Web Flow – Get Authorization Code
https://accounts.google.com/o/oauth2/auth?client_id=...&response_type=code&redirect_uri=...&scope=...
http://mine2share.com/labs/oauth2/callback.php?code=authorization_code
Login with Google Account
Web Flow – Get Access Token
Now, from your redirect URI, make a POST request using cURL with the following parameters:
https://accounts.google.com/o/oauth2/token?client_id=...&client_secret=...&grant_type=authorization_code&code=..&redirect_uri=...
The response:
{"access_token" : "...",
"expires_in" : 3600}
Web Flow – Get Resource
Use the access_token to get granted resources
https://www.googleapis.com/oauth2/v1/userinfo?access_token=...
array (
    'id' => '1150948574743835905',
    'email' => 'faisal@bankinfobd.com',
    'verified_email' => true,
    'name' => 'Faisal Morshed',
    'given_name' => 'Faisal',
    'family_name' => 'Morshed',
)
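The client-side checks around the web flow above, as an added example (not code from the slides or from the Oauth2Consumer class): it builds the authorization URL and validates the callback before the token request is sent. The `state` parameter, the function names and the sample values are assumptions that do not appear on the slides; `state` ties the callback to the browser session that started the flow.

```php
<?php
// Added example. Endpoint and parameter names follow the slides; "state" is an addition.
const AUTH_URI = 'https://accounts.google.com/o/oauth2/auth';

/** Step 1: build the redirect URL and store a random state value in the session. */
function buildAuthorizationUrl(array $cfg, array &$session): string
{
    $session['oauth2_state'] = bin2hex(random_bytes(16));
    return AUTH_URI . '?' . http_build_query([
        'client_id'     => $cfg['client_id'],
        'response_type' => 'code',
        'redirect_uri'  => $cfg['redirect_uri'],
        'scope'         => $cfg['scope'],
        'state'         => $session['oauth2_state'],
    ]);
}

/** Step 2: validate the callback query, then return the POST fields for the token endpoint. */
function buildTokenRequest(array $cfg, array $query, array &$session): array
{
    $expected = $session['oauth2_state'] ?? '';
    unset($session['oauth2_state']);                 // a state value is valid once only
    if (isset($query['error'])) {
        throw new RuntimeException('Authorization was not granted');
    }
    if ($expected === '' || !hash_equals($expected, (string)($query['state'] ?? ''))) {
        throw new RuntimeException('State mismatch: callback not started by this session');
    }
    if (empty($query['code'])) {
        throw new RuntimeException('Missing authorization code');
    }
    return [
        'client_id'     => $cfg['client_id'],
        'client_secret' => $cfg['client_secret'],
        'grant_type'    => 'authorization_code',
        'code'          => $query['code'],
        'redirect_uri'  => $cfg['redirect_uri'],     // same value as in step 1
    ];
}

// Constructed sample values; $session stands in for $_SESSION, $callback for $_GET.
$cfg = ['client_id' => 'your-client-id', 'client_secret' => 'your-client-secret',
        'redirect_uri' => 'https://yoursite.example/callback.php', 'scope' => 'email'];
$session = [];
echo buildAuthorizationUrl($cfg, $session), "\n";
$callback = ['code' => 'sample-code', 'state' => $session['oauth2_state']];
// Send these fields in the POST body so client_secret stays out of URLs and access logs.
echo http_build_query(buildTokenRequest($cfg, $callback, $session)), "\n";
```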
How to implement?
Configure OAuth2Consumer class
File: config.php
OAuth2Consumer::getInstance('Facebook', array(
    'client_id' => 'your-client-id',
    'client_secret' => 'your-client-secret',
    'redirect_uri' => 'http://yoursite/callback.php',
    'scope' => 'email,read_stream',
    'base_uri' => 'https://graph.facebook.com/',
    'authorize_uri' => 'https://graph.facebook.com/oauth/authorize',
    'access_token_uri' => 'https://graph.facebook.com/oauth/access_token',
));
Step 1
Get user authorization
File: connect.php
Oauth2Consumer::getInstance('Facebook')->authorize();
Redirect to OAuth 2.0 end point
Step 2
Grab the Access Token
File: callback.php
$oauth2 = Oauth2Consumer::getInstance('Facebook');
$accessToken = $oauth2->getAccessToken();
Save this access token
Step 3
Use the API with Access Token
Set the access token
$oauth = Oauth2Consumer::getInstance('Facebook');
$oauth->setVariable('access_token', $accessToken);
Use the API as much as you want
$profile = $oauth->api('me');
$friends = $oauth->api('me/friendlists');
$albums = $oauth->api('me/albums');
Decide to Login or Register
User is new? Create an account first
Otherwise, log him/her in to your app
Keep the users and connections tables separate
Users (1) : Connections (n)
Socialize Your Application
Encourage users to add more connections
You have read/write access, so engage more
Respect the user's opinion
Remember! Never misuse
Who Supports OAuth 2.0
References
Google API:
Documentation: http://code.google.com/apis/accounts/docs/OAuth2.html
API Console: https://code.google.com/apis/console/b/0/
Facebook:
API Console: https://developers.facebook.com/apps
Documentation: https://developers.facebook.com/docs/authentication/
Windows Live:
API Console: https://manage.dev.live.com/
Documentation: http://msdn.microsoft.com/en-us/library/hh243647.aspx
OAuth 2.0:
http://tools.ietf.org/html/draft-ietf-oauth-v2-22
http://oauth.net/2/
Oauth2Consumer Class & Example:
http://raynux.com/ray/labs/projects/oauth2.zip
Question and Answer?
Thank you