Embed Size (px)
Citation preview
TF-EMC2Tuesday, February 15th, 2011
Brook Schofield
Project Development Officer
www.terena.org
Slide 1
› LinkedIn› Business/Professional Contact Directory› OAuth
› MySpace› 2nd Place to Facebook› OAuth
› Windows Live ID (Messanger Connect)› Big User Base (Hotmail, MSN)› Tried OpenID (then stopped)› Uses OAuth-WRAP (prelude to OAuth 2.0)
Slide 2
› I’ve previously patched Twitter + Facebook› Copy + Paste Andreas’ authtwitter module› …but Twitter is sloppy!
› OAuth handling is very lax› authtwitter is a bad example :-( › Shared Data Structure came back to bite me.› LinkedIn is very strict!
› Two main components for an authsource› lib/source/AuthSource.php
› authenticate() and finalStep()› linkback.php
› Calls finalStep()
Slide 3
› 2nd big Social Networking Platform.› Just opened an Australian office.› Wasn’t for Sale.
Slide 4
› Very good dev tools + REST web client.
Slide 5
› OAuth› …but very strict
› Required POST rather than GET + HEADERS
Slide 6
Slide 7
› https://api.linkedin.com/uas/oauth/requestToken› POST (current code uses a GET)› Callback should be here!
› https://www.linkedin.com/uas/oauth/authenticate?oauth_token=94ab03c4-ae2c-45e4-8732-0e6c4899db63› REDIRECT› Twitter puts the Callback here :-(
› https://api.linkedin.com/uas/oauth/accessToken› POST (current code uses a GET)
› https://api.linkedin.com/v1/people/~› GET (API to return user data)› Set Header: x-li-format: json for JSON response
Slide 8
› AKA Messenger Connect
Slide 9
Slide 10
› 50k PHP Library from Microsoft – but replaced it with…
› $authorizeURL = 'https://consent.live.com/Connect.aspx'› . '?wrap_client_id=' . $this->key› . '&wrap_callback=' . › urlencode(SimpleSAML_Module::getModuleUrl('authwindowslive') › . '/linkback.php')› . '&wrap_client_state=' . urlencode($stateID)› . '&wrap_scope=WL_Profiles.View,Messenger.SignIn’› ;
› parse_str($result, $response);Slide 11
Returned Generated
Myspace:displayName, hasApp, id, msUserType,familyName, givenName, profileUrl, thumbnailUrl
LinkedIn:summary, headline, id, lastName, specialties, pictureUrl, firstName
Windows Live ID:BaseUri, Id, SelfLink, Title, Updated, AllContactsLink, Cid, FirstName, LastNameMyActivitiesLink, StatusMessageLink, UxLink, _mail (generated format)
_targetedID_uid_user_username
Slide 12
Slide 13
› Not unless it’s in simpleSAMLphp› TERENA Policy?› Dyonisius Policy?
› Encourages Collaboration!› If it’s good enough for TERENA it should be good
enough for the community!
› Dyonisius will tell you later today how it works.
Slide 14
Slide 15
+31651553991
skype://brookschofield
@BrookSchofield
facebook.com/brook.schofield
linkedin.com/in/brookschofield
Slide 16
