Difference between revisions of "OAuth"

From GeeklogWiki
Line 33: Line 33:
 
Users that log in through OAuth are automatically added to the "Remote Users" group.
 
Users that log in through OAuth are automatically added to the "Remote Users" group.
  
== Facebook OAuth Login Method ==
+
=== Limitations ===
 +
 
 +
* Currently, OAuth 1.0 is supported (OAuth 2.0 is still in development).
 +
 
 +
 
 +
== OAuth Login Methods ==
 +
 
 +
General review...
 +
 
 +
 
 +
=== Facebook ===
  
 
Access Facebook 'Create an Application' page, and input form.
 
Access Facebook 'Create an Application' page, and input form.
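Review bot: the new "== OAuth Login Methods ==" section is added with only the placeholder body "General review...", which readers will see as-is. Either write the short overview of the three providers now or drop the placeholder line until the text is ready. The "=== Limitations ===" section moved above it is fine where it is.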
Line 41: Line 51:
  
  
== LinkedIn OAuth Login Method ==
+
=== LinkedIn ===
  
 
Access LinkedIn 'List of Applications' page, and click 'Add New Application'.
 
Access LinkedIn 'List of Applications' page, and click 'Add New Application'.
Line 49: Line 59:
  
  
== Twitter OAuth Login Method ==
+
=== Twitter ===
 
 
 
Access 'Applications Using Twitter' page and click 'Register a new application »'.
 
Access 'Applications Using Twitter' page and click 'Register a new application »'.
 
https://twitter.com/apps
 
https://twitter.com/apps
Line 61: Line 70:
  
  
 
=== Limitations ===
 
 
* Currently, OAuth 1.0 is supported (OAuth 2.0 is still in development).
 
  
 
== Further reading ==
 
== Further reading ==
  
 
* [http://OAuth.net/ OAuth homepage]
 
* [http://OAuth.net/ OAuth homepage]

Revision as of 19:29, 28 November 2010

What is OAuth?

The idea behind OAuth is to get rid of the need to register separately with all the websites out there that require registration before you can use them. Instead of having to keep track of all the different accounts, you can use one login on every website that supports OAuth.

To quote the OAuth homepage:

"An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications."

OAuth is a free and open protocol. It is not owned by any corporation.

OAuth in Geeklog

OAuth support in Geeklog differs slightly from the Remote Authentication support, but only in that it requires a separate login prompt.

To activate OAuth support there are several steps.

First you must go to the Configuration Admin panel:

Configuration > Geeklog > Users and Submissions > Users > User Login Method[OAuth]

Set this option to "true". Just below this configuration option you will find the other OAuth settings. Currently Geeklog supports OAuth logins via Facebook, LinkedIn and Twitter. For each of these three login methods you will find an option to enable it and two text boxes for you to enter an Application Id and Application Secret Key (see below to find out how to get an Id and Secret Key). Each of these items needs to be filled out before the login button for that method will be enabled. Once you have filled out the required information, remember to save the configuration changes.

Geeklog's OAuth login process also requires the PHP OpenSSL extension to be loaded on your web server.

When you log out, you will see one or more new login buttons in your site's User Functions block, below the normal login options:

[Image: OAuth-login.png]

As the "http" suggests, your OAuth is really a URL that you use for the login (hence the need for a separate login prompt). Note that you will not enter your password on the site you are about to log in to. Instead, you will be taken to your OAuth provider (the place where you registered your OAuth) and enter the password there. So the Geeklog site will never see your OAuth password - it will only get an "okay" back from the OAuth provider if you authenticated successfully.

Once a user has logged in via OAuth, they are just like any other Geeklog user. They can be added to groups, change their profile, do whatever else you allow your users to do on your site. And yes, OAuth users can also be banned.

Users that log in through OAuth are automatically added to the "Remote Users" group.

Limitations

  • Currently, OAuth 1.0 is supported (OAuth 2.0 is still in development).


OAuth Login Methods

General review...


Facebook

Go to Facebook's 'Create an Application' page and fill in the form: http://developers.facebook.com/setup/



LinkedIn

Go to LinkedIn's 'List of Applications' page and click 'Add New Application': https://www.linkedin.com/secure/developer



Twitter

Go to the 'Applications Using Twitter' page and click 'Register a new application »': https://twitter.com/apps

  • Application Type: Select 'Browser'
  • Callback URL: Input URL same as Website
  • Default Access type: Select 'Read & Write'
  • Use Twitter for login: Check



Further reading