OpenID + OpenSocial




         Integration between two “open” technologies


                 Sebastiano Merlino aka eTr
                  etr@pensieroartificiale.com
                     Gtug Group - Catania - Italy


                        July 10th, 2010



         What about OpenID?

         OpenID (now at version 2.0) is an open, decentralized standard for
         authenticating users that can be used for access control, allowing users to log
         on to different services with the same digital identity where these services trust
         the authentication body.

                                                         Wikipedia, the free encyclopedia


                           Who controls OpenID?
                           OpenID is decentralized and not owned by anyone. Anyone
                           can choose to become an OpenID provider without
                           having to register or be approved by any organization.
                           The OpenID Foundation was formed to assist the open
                           source community by acting as a legal entity.



         The OpenID protocol

         Glossary
             End-User: the person who wants to log in.
             Identifier: the standard URI or XRI used to identify the End-User (also
             called OpenID).
             OpenID provider: a service provider that lets users register
             OpenID URLs and XRIs and provides OpenID authentication.
             Relying Party: the site that wants to verify the End-User's identity. It is
             also called the Service Provider.
             Server Agent: the server that verifies the End-User’s OpenID. It is usually
             the same as the OpenID provider.
             User Agent: the program used by the End-User to access the provider
             or the relying party. It is usually a browser.




         The OpenID protocol

         There are two types of identifiers allowed: URLs and XRIs.
         There are two ways to obtain an OpenID-enabled URL that can be used to
         access a relying party:
           1   Use an existing URL under the user's control that links to a page which
               contains OpenID tags in the HTML or serves a Yadis document.
           2   Register with an OpenID provider. Providers usually offer to register a
               third-level domain URL configured with OpenID HTML tags. Some providers
               generate on request a Yadis document with details about the end-user.
         XRIs are a new type of internet identifier designed for cross-domain
         identification. XRIs come in two forms, i-names and i-numbers, which are
         registered as synonyms. I-names can be reassigned, but an i-number is never
         reassigned. An i-name is immediately translated to its synonym i-number, which
         is stored as the OpenID by the relying party.




         The OpenID protocol

         The Login
           1   The user provides his OpenID to the relying party using the form on its
               page. It is assumed that the user has already registered an OpenID
               identifier with an OpenID provider.
           2   The relying party normalizes the provided OpenID. If the OpenID is a
               URL, a relying party implementing OpenID 1.0 requests the web page
               located at that URL and reads the proper HTML tag to discover the
               identity provider service URL, or receives a Yadis document with
               the information.
               With OpenID 2.0, instead, the OpenID is an XRI and the relying party
               discovers the identity provider service URL by requesting an XRDS
               document (Yadis) following the path indicated by the XRI.




         The OpenID protocol
         The Login
           3   At this point the communication starts. The relying party can
               communicate with the provider without interaction with the user
               (checkid_immediate) or, as is common on the web, by notifying the user
               and using his browser (checkid_setup).
           4   Relying party and provider establish a shared secret (starting from a nonce
               and using a Diffie-Hellman exchange). With checkid_setup the relying party
               redirects the user to the OpenID provider.
           5   The provider asks the user for permission on behalf of the relying party.
           6   If the user declines, he is redirected to the relying party with an error
               message; if the user confirms, the relying party verifies the
               authentication by validating the shared secret.
           7   At this point, if the validation is successful, the user is considered logged in.




         The OpenID protocol
         HTML with OpenID Tags
         An OpenID-tagged HTML page must contain these two links:
         <link rel="openid2.provider openid.server"
         href="http://www.livejournal.com/openid/server.bml"/>
         <link rel="openid2.local_id openid.delegate"
         href="http://exampleuser.livejournal.com/"/>
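HTML-based discovery of those two links, as an added example that is not part of the original slides: a relying party reads `<link>` elements only from the document head, prefers the OpenID 2.0 relation over the 1.x one, and accepts only http(s) endpoints. The regex-based parsing is a simplification, and SAMPLE_PAGE is constructed around the two links shown above.

```javascript
// Parse the attributes of one tag into a map keyed by lowercase attribute name.
function parseAttrs(tag) {
  const attrs = {};
  const re = /([A-Za-z_:][-\w:.]*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let m;
  while ((m = re.exec(tag)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
  }
  return attrs;
}

// Accept only absolute http/https URLs as provider endpoints.
function httpUrlOrNull(value) {
  try {
    const u = new URL(value);
    return u.protocol === "http:" || u.protocol === "https:" ? u.href : null;
  } catch (e) {
    return null;
  }
}

function discoverFromHtml(html) {
  // Links outside <head> are ignored: body markup may be user-generated content.
  const head = /<head\b[^>]*>([\s\S]*?)<\/head\s*>/i.exec(html);
  if (!head) return null;
  const markup = head[1].replace(/<!--[\s\S]*?-->/g, ""); // drop commented-out tags
  const rels = new Map();
  for (const tag of markup.match(/<link\b[^>]*>/gi) || []) {
    const { rel, href } = parseAttrs(tag);
    if (!rel || !href) continue;
    // rel is a space-separated list; the first link seen for a relation wins.
    for (const token of rel.toLowerCase().trim().split(/\s+/)) {
      if (!rels.has(token)) rels.set(token, href);
    }
  }
  // Prefer OpenID 2.0 relations, fall back to the 1.x names.
  for (const [version, providerRel, localRel] of [
    ["2.0", "openid2.provider", "openid2.local_id"],
    ["1.x", "openid.server", "openid.delegate"],
  ]) {
    const endpoint = httpUrlOrNull(rels.get(providerRel) || "");
    if (endpoint) {
      return { version, endpoint, localId: rels.get(localRel) || null };
    }
  }
  return null;
}

// Constructed page: the two links from the slide in <head>, a commented-out
// link, and a stray link inside the body that must not be honoured.
const SAMPLE_PAGE = `<html><head><title>exampleuser</title>
<!-- <link rel="openid2.provider" href="http://commented-out.example/"> -->
<link rel="openid2.provider openid.server" href="http://www.livejournal.com/openid/server.bml"/>
<link rel="openid2.local_id openid.delegate" href="http://exampleuser.livejournal.com/"/>
</head><body>
<p>visitor comment: <link rel="openid2.provider" href="http://other.example/server"></p>
</body></html>`;

console.log(discoverFromHtml(SAMPLE_PAGE));
```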

         XRIs
         An XRI (eXtensible Resource Identifier) is a scheme and resolution protocol for
         abstract identifiers. If an XRI starts with “=” it identifies a person, if it starts
         with “@” it identifies an organization, and if it starts with “+” it indicates a
         generic concept. Every name (i-name) can be converted into an i-number.
         i-name                                i-number
         xri://=Sebastiano.Merlino             xri://=!1000.aib3.c6f2
         xri://+phone.number                   xri://+!1000.f4f5.c3f5
         xri://mysite.it/(=Sebastiano.Merlino) xri://mysite.it/(=!1000.aib3.c6f2)




         The OpenID protocol
                    Yadis
         Yadis is a communication protocol for discovery of services. A Yadis ID
         can be a URL or an XRI i-name that can be resolved to a URL. The
         Yadis protocol specifies how to retrieve a service descriptor called the Yadis
         Resource Descriptor. This descriptor follows the XRDS format to
         connect to several services.

         <?xml version="1.0" encoding="UTF-8"?>
         <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)"
         xmlns:openid="http://openid.net/xmlns/1.0">
               <XRD>
                   <Service priority="50">
                       <Type>http://openid.net/signon/1.0</Type>
                       <URI>http://www.myopenid.com/server</URI>
                       <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
                   </Service>
               </XRD>
         </xrds:XRDS>




         and...OAuth?

    OAuth and OpenID sound like the same thing, but they are
    really different.
    While OpenID exists to give access to multiple web sites, OAuth
    lets a user authorize one web site (called the consumer) to access
    data from another web site (the provider).

         The Open Authentication
         Google and Plaxo have released a hybrid protocol that combines OpenID with
         OAuth. Often, when a site wants to use services from another site, it requires
         login details that the user may not want to share. OAuth was created to
         work around this problem: it sends the user to the provider and brings
         him back after the login. This technique can be improved
         with OpenID, which can make this operation automatic.




          OpenID: Advantages and Disadvantages


          Advantages
              Accelerate the sign-up process
              Reduce the frustration of maintaining multiple usernames and passwords
              Minimize password security risk
              Gain greater control over online identity

          Disadvantages
              The OpenID provider may track users’ habits.
              A third party authenticates your users.




          OpenID implementations



          Provider
              Community-ID (PHP)
              Prarie (PHP)
              Masquerade (Ruby)
              DjangoID (Python)
              Packetizer OpenID Server (Perl)
              DotNetOpenID (.NET)
              JOS (Java)

          Relying Party
              Poidsy (PHP)
              Openid4Java (Java)
              jopenid (Java)
              DotNetOpenAuth (.NET)




          OpenID provider: Community-ID



          Community-ID is a PHP implementation of an OpenID provider which is
          OpenID 2.0 compliant. Community-ID is completely free to use and is built 100%
          on open source software. This software is licensed under the BSD license.


          To use Community-ID, you only have to install it.
          Installation requires a web server with support for
          PHP 5.2.4 or greater with the MySQLi extension installed.
          A MySQL database (version 4.1 or greater) is also required.
          These modules are required: php5-core php5-mysql php5-pdo mysql php5-gd
          php5-gmp.




          Relying Party: Poidsy

          Example
          <?php
           session_start();
           // Either the login form was submitted or the provider is redirecting back.
           if (isset($_POST['openid_url']) || isset($_REQUEST['openid_mode'])) {
              if (isset($_POST['openid_type']) && $_POST['openid_type'] != 'openid_url') {
                 define('OPENID_URL', $_POST['openid_type']);
              }
              require('../../processor.php'); // the poidsy validation script
           } else {
              // [...some layout stuff...]
              if (isset($_SESSION['openid']['error'])) {
                 unset($_SESSION['openid']['error']);
              } else if (isset($_SESSION['openid']['validated']) && $_SESSION['openid']['validated']) {
                 unset($_SESSION['openid']['validated']);
                 if (isset($_SESSION['openid']['sreg'])) {
                    // [...show data...]
                    unset($_SESSION['openid']['sreg']);
                 }
              }
           }




          Relying Party: Poidsy

          Poidsy is a fully functional set of PHP scripts that acts as an OpenID
          relying party. What distinguishes Poidsy from other libraries is
          that this implementation does not expose the OpenID logic. It can
          be used without writing a single line of code.

          The previous example shows how to use the Poidsy library.
          A session must be started, because the library stores its values there. If
          an OpenID URL is passed to the page, the script includes the processor.php
          script to validate and authenticate the user.
          The same page is used to receive the response from the provider. If the
          response is an error, an error message can be printed on the screen;
          otherwise the response can be read and used as user data.




          Relying Party: Pigeon

          32 valor medals were awarded to pigeons during the
          Second World War.
          Only 26 to dogs.
          3 to horses.
          Only 1 to a cat. (What did he do? Did he perhaps eat
          a German pigeon?!?!)
          Remember: when the battle starts and the situation
          becomes chaotic with machine guns, artillery and gas, we
          must trust the pigeons.

          The Pigeon service was implemented by Dario Mazza, Sebastiano Merlino, Marco
          Messina, Davide Giuseppe Monaco, Paolo Pino and Eugenio Priscimone. It
          uses Openid4Java to realize a fully compatible relying party for OpenID versions
          1.0, 1.1 and 2.0.




          Relying Party: Pigeon
          Classes
          Pigeon consists of three classes: PigeonService, AuthenticationServlet,
          OIDResponseServlet.

          PigeonService implementation
          PigeonService consists of four methods:
               getConsumerManager: needed to obtain the Openid4Java
               ConsumerManager.
               discoverOnIdentifier: used to obtain the DiscoveryInformation needed for
               the user’s actual authentication.
               createAuthRequest: used to obtain the AuthRequest to send.
               processData: needed to obtain a userID from the provider’s response.




          Relying Party: Pigeon

          getConsumerManager
          private static ConsumerManager getConsumerManager(){
            if (consumerManager == null) {
            [...]
               consumerManager = new ConsumerManager();
               consumerManager.setAssociations(new InMemoryConsumerAssociationStore());
               consumerManager.setNonceVerifier(new InMemoryNonceVerifier(10000));
            }
            [...]
            return consumerManager;
          }



          This method first initializes an empty ConsumerManager, then decides which
          class is responsible for storing the associations with providers. Finally, the
          method sets a validity time for the nonce and returns the ConsumerManager.




          Relying Party: Pigeon

          discoverOnIdentifier
          public static DiscoveryInformation discoverOnIdentifier(String userSuppliedIdentifier){
           DiscoveryInformation ret = null;
           ConsumerManager consumerManager = getConsumerManager();
           [...]
           List discoveries = consumerManager.discover(userSuppliedIdentifier);
           ret = consumerManager.associate(discoveries);
           [...]
           return ret;
          }



          This method first initializes a null DiscoveryInformation and then, using the
          ConsumerManager, discovers information about the userSuppliedIdentifier.
          At the end the method returns the DiscoveryInformation.




          Relying Party: Pigeon

          createAuthRequest
          public static AuthRequest createAuthRequest(DiscoveryInformation discoveryInformation, String returnToAviary){
            AuthRequest retValue = null;
            [..]
            retValue = getConsumerManager().authenticate(discoveryInformation, returnToAviary);
            SRegRequest req = SRegRequest.createFetchRequest();
            retValue.addExtension(req);
            [..]
            return retValue;
          }



          This method uses the DiscoveryInformation to authenticate the user, requiring
          a redirect to the URL indicated in returnToAviary after the login. At the end
          the method returns the AuthRequest.




          Relying Party: Pigeon
          processData
          public static UserId processData(DiscoveryInformation discoveryInformation, ParameterList parameterList, String returnToAviary){
            UserId ret = null;
            [...]
            VerificationResult verificationResult = getConsumerManager().verify(returnToAviary, parameterList, discoveryInformation);
            Identifier verifiedIdentifier = verificationResult.getVerifiedId();
            if (verifiedIdentifier != null) {
               AuthSuccess authSuccess = (AuthSuccess) verificationResult.getAuthResponse();
               ret = new UserId(UserId.Type.valueOf(me), verifiedIdentifier.getIdentifier());
            }
            [...]
            return ret;
          }


          This method first verifies the identifier with the nonce and then stores it inside
          a UserId.
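Steps 6 and 7 of the login and the nonce verifier set in getConsumerManager both come down to the check sketched here, as an added example that is not code from the slides or from Openid4Java: the relying party recomputes the HMAC over the signed fields with the association's MAC key and refuses a response nonce it has already seen. The association, the URLs and the NonceStore class are constructed for illustration, and the return_to comparison is simplified to exact equality.

```javascript
const crypto = require("crypto");

// Constructed association (login step 4): handle and MAC key are sample values.
const ASSOC = {
  handle: "assoc-demo-1",
  type: "HMAC-SHA256",
  macKey: Buffer.from("constructed-demo-mac-key-32bytes", "utf8"),
};
const RETURN_TO = "https://rp.example/openid/return"; // constructed relying party URL

// Fields OpenID 2.0 requires the provider to sign in a positive assertion.
const REQUIRED_SIGNED = ["op_endpoint", "return_to", "response_nonce", "assoc_handle"];

// Key-value form: one "key:value\n" line per signed field, in openid.signed order.
function baseString(params) {
  return params["openid.signed"]
    .split(",")
    .map((k) => `${k}:${params["openid." + k]}\n`)
    .join("");
}

function sign(params, assoc) {
  const algo = assoc.type === "HMAC-SHA256" ? "sha256" : "sha1";
  return crypto.createHmac(algo, assoc.macKey).update(baseString(params), "utf8").digest("base64");
}

// Hypothetical in-memory replay cache in the role of a nonce verifier.
// A long-running service would also prune entries older than maxAgeMs.
class NonceStore {
  constructor(maxAgeSeconds) {
    this.maxAgeMs = maxAgeSeconds * 1000;
    this.seen = new Set();
  }
  accept(endpoint, nonce, nowMs) {
    // A response nonce starts with a UTC timestamp such as 2010-07-10T10:00:00Z.
    const m = /^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)/.exec(nonce || "");
    const issued = m ? Date.parse(m[1]) : NaN;
    if (Number.isNaN(issued) || Math.abs(nowMs - issued) > this.maxAgeMs) return false;
    const key = endpoint + " " + nonce;
    if (this.seen.has(key)) return false; // already used: replay
    this.seen.add(key);
    return true;
  }
}

const fail = (reason) => ({ ok: false, reason });

function verifyAssertion(params, assoc, nonces, expectedReturnTo, nowMs) {
  if (params["openid.mode"] !== "id_res") return fail("mode");
  if (params["openid.return_to"] !== expectedReturnTo) return fail("return_to");
  if (params["openid.assoc_handle"] !== assoc.handle) return fail("assoc_handle");
  const signed = (params["openid.signed"] || "").split(",");
  const mustSign = REQUIRED_SIGNED.concat(
    ["claimed_id", "identity"].filter((k) => ("openid." + k) in params)
  );
  if (!mustSign.every((k) => signed.includes(k))) return fail("unsigned_field");
  if (!signed.every((k) => typeof params["openid." + k] === "string")) return fail("missing_field");
  const expected = Buffer.from(sign(params, assoc), "base64");
  const got = Buffer.from(params["openid.sig"] || "", "base64");
  if (got.length !== expected.length || !crypto.timingSafeEqual(got, expected)) return fail("signature");
  // Check the nonce last so that unsigned garbage cannot fill the replay cache.
  if (!nonces.accept(params["openid.op_endpoint"], params["openid.response_nonce"], nowMs)) {
    return fail("nonce");
  }
  return { ok: true, claimedId: params["openid.claimed_id"] };
}

// Constructed positive assertion, signed the way the provider would sign it.
function sampleAssertion() {
  const p = {
    "openid.ns": "http://specs.openid.net/auth/2.0",
    "openid.mode": "id_res",
    "openid.op_endpoint": "https://op.example/server",
    "openid.claimed_id": "https://alice.example/",
    "openid.identity": "https://alice.example/",
    "openid.return_to": RETURN_TO,
    "openid.response_nonce": "2010-07-10T10:00:00ZUNIQUE1",
    "openid.assoc_handle": ASSOC.handle,
    "openid.signed": "op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle",
  };
  p["openid.sig"] = sign(p, ASSOC);
  return p;
}

function demo() {
  const nonces = new NonceStore(300);
  const now = Date.parse("2010-07-10T10:00:30Z");
  const first = verifyAssertion(sampleAssertion(), ASSOC, nonces, RETURN_TO, now);
  const replay = verifyAssertion(sampleAssertion(), ASSOC, nonces, RETURN_TO, now);
  const altered = sampleAssertion();
  altered["openid.claimed_id"] = "https://someone-else.example/"; // changed after signing
  const forged = verifyAssertion(altered, ASSOC, new NonceStore(300), RETURN_TO, now);
  return { first, replay, forged };
}

console.log(demo());
```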




          Relying Party: Pigeon
          Authentication Servlet
          [...]
          DiscoveryInformation discoveryInformation =
          PigeonService.discoverOnIdentifier(userSuppliedIdentifier);
          req.getSession(true).setAttribute("discoveryInformation", discoveryInformation);
          AuthRequest authRequest = PigeonService.createAuthRequest(discoveryInformation, returnToUrl);
          res.sendRedirect(authRequest.getDestinationUrl(true));
          [...]


          OIDResponseServlet
          [...]
          UserId uid = PigeonService.processData((DiscoveryInformation)
          req.getSession(true).getAttribute("discoveryInformation"), new
          ParameterList(req.getParameterMap()), returnToUrl);
          UserHelper.setSessionUid(req,uid.getUserId());
          UserHelper.setSessionUserHash(req,uid.hashCode());
          AuthenticationResponse ar = new AuthenticationResponse(uid.getUserId());
          [...]




          Relying Party: Pigeon



          These two servlets respectively request authentication from the provider and
          receive its response. As can be seen, the servlets only have to use the
          methods implemented by the class Pigeon.


          As the previous slides show, it is really simple to implement a relying
          party using the Java API Openid4Java as well. In this case, unlike with Poidsy,
          we are not blind to the software implementation, so we need some
          knowledge of the OpenID specification to make our implementation fully general.




          OpenSocial


          It’s open, it’s social, it’s up to you
          OpenSocial is a set of web APIs designed by Google, MySpace and many other
          web organizations with the goal of making every application that
          implements them interoperable with any social network system that supports them.


    It’s a set of two APIs, for JavaScript and REST. The JavaScript
    API is designed for “web gadgets” written in Google’s gadgets
    architecture. The REST API is for other apps: desktop, mobile
    and server.
    Gadgets are written using the Gadgets API. Any site that can
    host gadgets is called a container.




          OpenSocial: Gadgets
          Structure of a Gadget
          <?xml version="1.0" encoding="UTF-8" ?>
          <Module>
              <ModulePrefs title="Hello World!">
                 <Require feature="opensocial-0.8" />
              </ModulePrefs>
              <Content type="html">
                 <![CDATA[
                    Hello, world!
                 ]]>
              </Content>
          </Module>
          <Module> indicates that this XML contains a gadget.
          <ModulePrefs> contains information about the gadget.
          <Require feature="opensocial-0.8" /> denotes a required feature of the gadget.
          <Content type="html"> indicates that the gadget’s content type is HTML.




          OpenSocial: Container

          Apache Shindig
          The reference implementation for an
          OpenSocial Container is Apache Shindig.

          An OpenSocial container is not merely a box designed to contain gadgets; it is
          also involved in creating a social infrastructure between members of the
          site implementing the API.
          There are two implementations of the Shindig container: Java and PHP; both
          versions have 3 major server-side components:
               Persistent Data Loading Mechanism
               Gadget Rendering Infrastructure
               OpenSocial server-side Implementation




          OpenSocial: Container


          Some features are client side, like:
               The real gadget container (in javascript)
               The OpenSocial container
               JSON, RESTful and Caja support

          OpenSocial APIs
          The OpenSocial APIs implemented are:
               OpenSocial REST : for Server-to-Server communications
               OpenSocial JSON-RPC : for Gadget-to-Server communications
               Javascript: for Gadgets implementation




          OpenSocial: Container Implementation


          Shindig Installation
          Installing Shindig is really simple. It just consists of extracting the
          downloaded archive to the directory where you wish to install Apache Shindig.
               For the J2EE version the installation consists of copying the WAR file to
               $TOMCAT_HOME/webapps if the server used is Tomcat.
               Building from source requires Java 1.5 or later with the JAVA_HOME
               environment variable set and Apache Maven already installed.
               For the PHP version you just have to copy shindig-php into a directory in
               /var/www, assuming you have installed an Apache PHP server.
               Prerequisites are PHP 5.2.x with mod_rewrite enabled and the json,
               simplexml, mcrypt and curl extensions enabled.




          OpenSocial: Container Implementation


          To personalize your container (client-side, in JavaScript) you have to override
          methods from the default implementation, changing their functionality to match
          what you want.
          Usually you have to rewrite the main function renderGadgets.

          M4P2
          M4P2 is an extension of the JavaScript client-side Shindig container that adds
          some functionality to it using the jQuery library. It was written by Dario Mazza,
          Sebastiano Merlino, Marco Messina, Davide Giuseppe Monaco, Paolo Pino and
          Eugenio Priscimone.
          It consists of a single JavaScript file that can be used as a container for
          OpenSocial Gadgets.




          OpenSocial: Container Implementation
              function renderGadgets(incoming, enable_cb, disable_cb) {
                enable_sorting = (typeof(enable_cb) == 'function') ? enable_cb : function() {};
                disable_sorting = (typeof(disable_cb) == 'function') ? disable_cb : function() {};
                // [...]
                // eval() runs whatever is in incoming as code, so the string must
                // come from a trusted source.
                eval("var json_data = " + incoming);
                var ids = [];
                var urls = [];
                // register every gadget with the container
                for (var el in json_data) {
                  ids.push(json_data[el].id);
                  var buffer = gadgets.container.createGadget({specUrl: json_data[el].url});
                  gadgets.container.addGadget(buffer);
                  urls.push(buffer);
                }
                gadgets.container.layoutManager.setGadgetChromeIds(ids);
                // render each gadget and size its iframe
                for (var el in urls) {
                  gadgets.container.renderGadget(urls[el]);
                  var gadgetIframe = document.getElementById(urls[el].getIframeId());
                  gadgetIframe.setAttribute('style', 'width: 100%; max-height: 400px;');
                }
                gadgets.container.refreshGadgets();
              }




          OpenSocial: Container Implementation


          M4P2
          The previous slide shows a piece of code from the override of the
          function renderGadgets.
          This function accepts three parameters: incoming, enable_cb, disable_cb. The
          first parameter is a string in JSON format:
          [{'id':'gadget-chrome-x','url': 'gadgets/Login/Login.xml'},{
          'id':'gadget-chrome-y',
          'url':'http://localhost:8080/examples/getFriendsHasApp.xml' }]
          “id” indicates the name of the div that has to contain the gadget.
          “url” is the path to reach the gadget.
          The block that follows registers the gadget and renders it.
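Because renderGadgets hands `incoming` to eval, a container that receives this string from anywhere it does not fully control needs to parse and validate it first. The following added example (not part of M4P2 or Shindig) parses the list with JSON.parse and checks each entry before it would reach createGadget; the allowed origin, the base URL for relative paths and the id pattern are assumptions taken from the sample values above, and the input must be strict JSON with double quotes.

```javascript
// Assumptions for illustration: gadget specs may only be loaded from the
// container's own origin, and relative paths resolve against CONTAINER_BASE.
const ALLOWED_ORIGINS = new Set(["http://localhost:8080"]);
const CONTAINER_BASE = "http://localhost:8080/container/"; // hypothetical
const ID_PATTERN = /^gadget-chrome-[A-Za-z0-9_-]+$/; // shape of the ids in the sample

function parseGadgetList(incoming) {
  let data;
  try {
    data = JSON.parse(incoming); // data only: nothing in the string is executed
  } catch (e) {
    throw new Error("gadget list is not valid JSON");
  }
  if (!Array.isArray(data)) throw new Error("gadget list must be an array");

  return data.map((entry, i) => {
    if (entry === null || typeof entry !== "object") {
      throw new Error(`entry ${i}: not an object`);
    }
    const { id, url } = entry;
    // The id ends up naming a div, so keep it to a fixed, harmless shape.
    if (typeof id !== "string" || !ID_PATTERN.test(id)) {
      throw new Error(`entry ${i}: unexpected id`);
    }
    if (typeof url !== "string") throw new Error(`entry ${i}: url must be a string`);
    let resolved;
    try {
      resolved = new URL(url, CONTAINER_BASE); // resolves relative spec paths
    } catch (e) {
      throw new Error(`entry ${i}: malformed url`);
    }
    const schemeOk = resolved.protocol === "http:" || resolved.protocol === "https:";
    if (!schemeOk || !ALLOWED_ORIGINS.has(resolved.origin)) {
      throw new Error(`entry ${i}: spec url outside the allowed origins`);
    }
    return { id, specUrl: resolved.href };
  });
}

// Convenience wrapper: true when the whole list passes validation.
function isAcceptable(incoming) {
  try {
    parseGadgetList(incoming);
    return true;
  } catch (e) {
    return false;
  }
}

// The list from the slide, rewritten as strict JSON (constructed input).
const SAMPLE_LIST =
  '[{"id":"gadget-chrome-x","url":"gadgets/Login/Login.xml"},' +
  '{"id":"gadget-chrome-y","url":"http://localhost:8080/examples/getFriendsHasApp.xml"}]';

console.log(parseGadgetList(SAMPLE_LIST));
```

Each returned specUrl can then be passed to gadgets.container.createGadget({specUrl: ...}) exactly as the loop in renderGadgets does.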




          A final merge
          <?xml version="1.0" encoding="UTF-8"?>
           <Module>
             <ModulePrefs title="OpenSocial - Login utente" height="250">
             </ModulePrefs>
             <Content type="html">
                <![CDATA[
                  [...javascript inclusions...]
                  [...do some stuff to print layout...]
                  function accesso(){
                      // the "logstring" field holds "<username>-<provider name>"
                      var parametri = document.getElementById("logstring").value.split("-");
                      var username = parametri[0];
                      var opname = parametri[1];
                      // values are URL-encoded so they cannot add or alter query parameters
                      if(username==none){
                          window.location = "http://www.example.com:8080/openid/auth?op=" + encodeURIComponent(opname);
                      } else {
                          var uid = document.getElementById("userid").value;
                          window.location = "http://www.example.com:8080/openid/auth?op=" + encodeURIComponent(opname) + "&uid=" + encodeURIComponent(uid);
                      }
                      [...do some stuff to fill form...]
                  }
                ]]>
             </Content>
           </Module>




          A final merge
          An OpenID gadget
          The previous slide shows an example of an OpenID login gadget. This
          example uses a modified Shindig container (M4P2) together with the
          relying party “Pigeon”, developed on openid4java, which connects to a huge
          number of providers.

          At this point we have built our global authentication tool, which uses OpenID
          to make the user's life easier. In addition to this, we can distribute our
          gadget to any site that implements an OpenSocial container and wants to use
          it. Supposing we want to start our own OpenID provider, this could be an extremely
          interesting example of software distribution as advertisement.

          An interesting plan for the future could be to add support for OAuth as well,
          allowing easy data exchange and creating an automatic site ring.




          Links...



             openid.net/developers/specs/ - to read about OpenID specifications.
             step2.googlecode.com/svn/spec/openid_oauth_extension/latest/ - article and
             specifications about the OAuth extension of OpenID.
             wiki.openid.net/Run-your-own-identity-server - a link to a collection of libraries to
             realize an OpenID provider.
             code.google.com/intl/it-IT/apis/opensocial/ - the official OpenSocial project
             page.
             shindig.apache.org/ - Shindig official web page.




Galeria Rammstein Slides
Galeria Rammstein SlidesGaleria Rammstein Slides
Galeria Rammstein Slides
 
Ada it#03 browser
Ada it#03   browserAda it#03   browser
Ada it#03 browser
 
Ada it#05 laman blog
Ada it#05   laman blogAda it#05   laman blog
Ada it#05 laman blog
 

Similar to Openid+Opensocial

Review on OpenID Authentication Framework
Review on OpenID Authentication FrameworkReview on OpenID Authentication Framework
Review on OpenID Authentication Frameworkijsrd.com
 
Open id & OAuth
Open id & OAuthOpen id & OAuth
Open id & OAuthPaul Fryer
 
OpenID Tutorials
OpenID TutorialsOpenID Tutorials
OpenID TutorialsNao Haida
 
OSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyOSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyTracy Kuhrt
 
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteDavid Keener
 
OpenID in the Fedora Services
OpenID in the Fedora ServicesOpenID in the Fedora Services
OpenID in the Fedora ServicesPatrick Uiterwijk
 
2010 - Fédération des identités et OpenID
2010 - Fédération des identités et OpenID2010 - Fédération des identités et OpenID
2010 - Fédération des identités et OpenIDCyber Security Alliance
 
Geneva Application Security Forum: Vers une authentification plus forte dans ...
Geneva Application Security Forum: Vers une authentification plus forte dans ...Geneva Application Security Forum: Vers une authentification plus forte dans ...
Geneva Application Security Forum: Vers une authentification plus forte dans ...Sylvain Maret
 
Decentralized Social Networking
Decentralized Social NetworkingDecentralized Social Networking
Decentralized Social NetworkingPascal Van Hecke
 
RSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityRSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityMike Schwartz
 
What is the ORCID API and what you can do with it? (R. Peters)
What is the ORCID API and what you can do with it? (R. Peters)What is the ORCID API and what you can do with it? (R. Peters)
What is the ORCID API and what you can do with it? (R. Peters)ORCID, Inc
 
OAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectOAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectJacob Combs
 
open id & o-auth
open id & o-authopen id & o-auth
open id & o-authPaul Fryer
 

Similar to Openid+Opensocial (20)

Open ID
Open IDOpen ID
Open ID
 
Review on OpenID Authentication Framework
Review on OpenID Authentication FrameworkReview on OpenID Authentication Framework
Review on OpenID Authentication Framework
 
Open id & OAuth
Open id & OAuthOpen id & OAuth
Open id & OAuth
 
OpenID Tutorials
OpenID TutorialsOpenID Tutorials
OpenID Tutorials
 
OSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyOSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger Indy
 
Open ID Explained
Open ID ExplainedOpen ID Explained
Open ID Explained
 
Holt "Working with Scholarly APIs: A NISO Training Series, Session Two: ORCID"
Holt "Working with Scholarly APIs: A NISO Training Series, Session Two: ORCID"Holt "Working with Scholarly APIs: A NISO Training Series, Session Two: ORCID"
Holt "Working with Scholarly APIs: A NISO Training Series, Session Two: ORCID"
 
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
 
OpenID and OAuth
OpenID and OAuthOpenID and OAuth
OpenID and OAuth
 
OpenID in the Fedora Services
OpenID in the Fedora ServicesOpenID in the Fedora Services
OpenID in the Fedora Services
 
2010 - Fédération des identités et OpenID
2010 - Fédération des identités et OpenID2010 - Fédération des identités et OpenID
2010 - Fédération des identités et OpenID
 
Geneva Application Security Forum: Vers une authentification plus forte dans ...
Geneva Application Security Forum: Vers une authentification plus forte dans ...Geneva Application Security Forum: Vers une authentification plus forte dans ...
Geneva Application Security Forum: Vers une authentification plus forte dans ...
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
 
Decentralized Social Networking
Decentralized Social NetworkingDecentralized Social Networking
Decentralized Social Networking
 
RSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityRSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud Identity
 
What is the ORCID API and what you can do with it? (R. Peters)
What is the ORCID API and what you can do with it? (R. Peters)What is the ORCID API and what you can do with it? (R. Peters)
What is the ORCID API and what you can do with it? (R. Peters)
 
OAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectOAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID Connect
 
Lecture 20101124
Lecture 20101124Lecture 20101124
Lecture 20101124
 
open id & o-auth
open id & o-authopen id & o-auth
open id & o-auth
 
SWXG 2010.6.9 v2
SWXG 2010.6.9 v2SWXG 2010.6.9 v2
SWXG 2010.6.9 v2
 

More from Sebastiano Merlino (eTr) (20)

How to build SOLID code
How to build SOLID codeHow to build SOLID code
How to build SOLID code
 
Multithreading, multiprocessing e Asincronia
Multithreading, multiprocessing e AsincroniaMultithreading, multiprocessing e Asincronia
Multithreading, multiprocessing e Asincronia
 
Asterisk
AsteriskAsterisk
Asterisk
 
Biomeccatronica
BiomeccatronicaBiomeccatronica
Biomeccatronica
 
Bash programming
Bash programmingBash programming
Bash programming
 
Lezione Tre Pratica
Lezione Tre PraticaLezione Tre Pratica
Lezione Tre Pratica
 
Lezione tre
Lezione treLezione tre
Lezione tre
 
Lezione Quattro
Lezione QuattroLezione Quattro
Lezione Quattro
 
Lezione Due Pratica
Lezione Due PraticaLezione Due Pratica
Lezione Due Pratica
 
Lezione Cinque
Lezione CinqueLezione Cinque
Lezione Cinque
 
Lezione uno
Lezione unoLezione uno
Lezione uno
 
Lezione due
Lezione dueLezione due
Lezione due
 
Wsmo Restricted
Wsmo RestrictedWsmo Restricted
Wsmo Restricted
 
Sawsdl Restriced
Sawsdl RestricedSawsdl Restriced
Sawsdl Restriced
 
Owl Guide Resticted
Owl Guide RestictedOwl Guide Resticted
Owl Guide Resticted
 
Fast Wsdl Tutorial
Fast Wsdl TutorialFast Wsdl Tutorial
Fast Wsdl Tutorial
 
Lezione Tre
Lezione TreLezione Tre
Lezione Tre
 
Linux & Open Source - Alternative Software
Linux & Open Source - Alternative SoftwareLinux & Open Source - Alternative Software
Linux & Open Source - Alternative Software
 
Linux & Open Source - Lezione 2 Supporto
Linux & Open Source - Lezione 2 SupportoLinux & Open Source - Lezione 2 Supporto
Linux & Open Source - Lezione 2 Supporto
 
Linux & Open Source - Lezione 2
Linux & Open Source - Lezione 2Linux & Open Source - Lezione 2
Linux & Open Source - Lezione 2
 

Recently uploaded

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Openid+Opensocial

  • 1. OpenID + OpenSocial Integration between two “open” technologies Sebastiano Merlino aka eTr etr@pensieroartificiale.com Gtug Group - Catania - Italy July 10th, 2010 1 / 33
  • 2. OpenID + OpenSocial What about OpenID? OpenID (now at version 2.0) is an open, decentralized standard for authenticating users that can be used for access control, allowing users to log on to different services with the same digital identity where these services trust the authentication body. Wikipedia, the free encyclopedia Who controls OpenID? OpenID is decentralized and not owned by anyone. Every person can choose to become an OpenID provider without having to register or to be approved by any organization. The OpenID Foundation was formed to assist the open source community working like a legal entity. 2 / 33
  • 3. OpenID + OpenSocial The OpenID protocol Glossary End-User: the person who wants to log in. Identifier: the standard URI or XRI used to identify the End-User (also called OpenID). OpenID provider: a service provider that lets users register OpenID URLs and XRIs and provides OpenID authentication. Relying Party: the site that wants to verify the End-User's identity. It is also called Service Provider. Server Agent: the server that verifies the End-User's OpenID. It is usually the same as the OpenID provider. User Agent: the program used by the End-User to access the provider or the relying party. It is usually a browser. 3 / 33
  • 4. OpenID + OpenSocial The OpenID protocol There are two types of identifiers allowed: URLs and XRIs. There are two ways to obtain an OpenID-enabled URL that can be used to access a relying party: 1 Use an existing URL under the user's control that links to a page which contains OpenID tags in the HTML or serves a Yadis document. 2 Register with an OpenID provider. Providers usually offer to register a third-level domain URL configured with OpenID HTML tags. Some providers generate on request a Yadis document with details about the end-user. XRIs are a new type of internet identifier designed for cross-domain identification. XRIs come in two forms, i-names and i-numbers, that are registered as synonyms. I-names can be reassigned but an i-number is never reassigned. An i-name is immediately translated to its synonym i-number, which is stored as the OpenID by the relying party. 4 / 33
  • 5. OpenID + OpenSocial The OpenID protocol The Login 1 The user provides his OpenID to the relying party using the form on its page. It is assumed that the user has already registered an OpenID identifier with an OpenID provider. 2 The relying party normalizes the provided OpenID. If the OpenID is a URL, a relying party implementing OpenID 1.0 requests the web page located at that URL and reads the proper HTML tag to discover the identity provider service URL, or receives a Yadis document with that information. With OpenID 2.0, instead, the OpenID is an XRI and the relying party discovers the identity provider service URL by requesting an XRDS document (Yadis) following the path indicated by the XRI. 5 / 33
  • 6. OpenID + OpenSocial The OpenID protocol The Login 3 At this point the communication starts. The relying party can communicate with the provider without interaction with the user (checkid_immediate) or, as is common on the web, by notifying the user and going through his browser (checkid_setup). 4 Relying party and provider establish a shared secret (starting from a nonce and using Diffie-Hellman). With checkid_setup the relying party redirects the user to the OpenID provider. 5 The provider asks the user for permission for the relying party. 6 If the user declines, he is redirected to the relying party with an error message; if instead the user confirms, the relying party verifies the authentication by validating the shared secret. 7 At this point, if the validation is successful, the user is considered logged in. 6 / 33
  • 7. OpenID + OpenSocial The OpenID protocol HTML with OpenID Tags An OpenID-tagged HTML page must contain these two links:
      <link rel="openid2.provider openid.server" href="http://www.livejournal.com/openid/server.bml"/>
      <link rel="openid2.local_id openid.delegate" href="http://exampleuser.livejournal.com/"/>
    XRIs An XRI (eXtensible Resource Identifier) is a scheme and resolution protocol for abstract identifiers. If an XRI starts with “=” it identifies a person, if it starts with “@” it identifies an organization and if it starts with “+” it indicates a generic concept. Every name (i-name) can be converted into an i-number.
      xri://=Sebastiano.Merlino                xri://=!1000.aib3.c6f2
      xri://+phone.number                      xri://+!1000.f4f5.c3f5
      xri://mysite.it/(=Sebastiano.Merlino)    xri://mysite.it/(=!1000.aib3.c6f2)
    7 / 33
  • 8. OpenID + OpenSocial The OpenID protocol Yadis Yadis is a communication protocol for the discovery of services. A Yadis ID can be a URL or an XRI i-name that can be resolved to a URL. The Yadis protocol specifies how to retrieve a service descriptor called the Yadis Resource Descriptor. This descriptor follows the XRDS format to connect to several services.
      <?xml version="1.0" encoding="UTF-8"?>
      <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)" xmlns:openid="http://openid.net/xmlns/1.0">
        <XRD>
          <Service priority="50">
            <Type>http://openid.net/signon/1.0</Type>
            <URI>http://www.myopenid.com/server</URI>
            <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
          </Service>
        </XRD>
      </xrds:XRDS>
    8 / 33
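The two discovery formats on slides 7 and 8, read the way a relying party would before it trusts any endpoint. This is an added example, not code from the presentation: the function names and the sample HTML wrapper are constructed for illustration, and the parser refuses DTDs in the XRDS input and ignores `<link>` tags outside `<head>`.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import xml.etree.ElementTree as ET

XRD = "{xri://$xrd*($v*2.0)}"            # default namespace of the XRDS on slide 8
OPENID1 = "{http://openid.net/xmlns/1.0}"
SIGNON_TYPES = {
    "http://openid.net/signon/1.0",
    "http://openid.net/signon/1.1",
    "http://specs.openid.net/auth/2.0/signon",
}


def http_url(value):
    """Accept only absolute http(s) URLs as endpoints or delegated identifiers."""
    value = (value or "").strip()
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("not an http(s) URL: %r" % value)
    return value


def parse_xrds(xml_text):
    """Return the endpoint and local identifier of the best-priority OpenID service."""
    # The document comes from a URL the user typed: refuse entity tricks up front.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are refused in XRDS input")
    root = ET.fromstring(xml_text.encode("utf-8"))
    found = []
    for svc in root.iter(XRD + "Service"):
        types = {(t.text or "").strip() for t in svc.findall(XRD + "Type")}
        uri = svc.find(XRD + "URI")
        if uri is None or not (types & SIGNON_TYPES):
            continue
        prio = svc.get("priority", "")
        rank = int(prio) if prio.isdigit() else float("inf")  # no priority sorts last
        local = svc.find(XRD + "LocalID")          # OpenID 2.0 element
        if local is None:
            local = svc.find(OPENID1 + "Delegate")  # OpenID 1.x element (slide 8)
        found.append((rank, uri.text, local.text if local is not None else None))
    if not found:
        raise ValueError("no OpenID sign-on service in XRDS")
    _, uri, local = min(found, key=lambda s: s[0])  # lowest number wins
    return {"endpoint": http_url(uri), "local_id": http_url(local) if local else None}


class HeadLinks(HTMLParser):
    """Collect rel -> href for <link> tags, but only while inside <head>."""

    def __init__(self):
        super().__init__()
        self.in_head = False
        self.rels = {}

    def handle_starttag(self, tag, attrs):
        if tag == "head":
            self.in_head = True
        elif tag == "body":
            self.in_head = False
        elif tag == "link" and self.in_head:
            attrs = dict(attrs)
            for rel in (attrs.get("rel") or "").lower().split():
                self.rels.setdefault(rel, attrs.get("href"))  # first one wins

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False


def parse_html_links(html_text):
    """HTML-based discovery: prefer the OpenID 2.0 rel values, fall back to 1.x."""
    collector = HeadLinks()
    collector.feed(html_text)
    rels = collector.rels
    endpoint = rels.get("openid2.provider") or rels.get("openid.server")
    if not endpoint:
        raise ValueError("no OpenID provider link in <head>")
    local = rels.get("openid2.local_id") or rels.get("openid.delegate")
    return {"endpoint": http_url(endpoint), "local_id": http_url(local) if local else None}


# Sample inputs: the XRDS and link tags from the slides, wrapped in a constructed page.
SAMPLE_XRDS = """<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)"
           xmlns:openid="http://openid.net/xmlns/1.0">
  <XRD><Service priority="50">
    <Type>http://openid.net/signon/1.0</Type>
    <URI>http://www.myopenid.com/server</URI>
    <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
  </Service></XRD>
</xrds:XRDS>"""

SAMPLE_HTML = """<html><head>
<link rel="openid2.provider openid.server" href="http://www.livejournal.com/openid/server.bml"/>
<link rel="openid2.local_id openid.delegate" href="http://exampleuser.livejournal.com/"/>
</head><body><p>constructed page body</p></body></html>"""

if __name__ == "__main__":
    print(parse_xrds(SAMPLE_XRDS))
    print(parse_html_links(SAMPLE_HTML))
```

Restricting HTML discovery to `<head>` matters on pages that render user-supplied markup in the body, where a stray `<link>` would otherwise redirect authentication to another provider.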
  • 9. OpenID + OpenSocial and...OAuth? OAuth and OpenID sound like the same thing but they are really different. While OpenID exists to give access to multiple web sites, OAuth lets the user authorize one web site (called consumer) to access data from another web site (provider). The Open Authentication Google and Plaxo have released a hybrid protocol that combines OpenID with OAuth. Often, when a site wants to use the services of another site, it asks for login details that the user may not want to share. OAuth was created to get around this problem: it sends the user to the provider and brings him back after the login. This technique can be improved with OpenID, which can make this operation automatic. 9 / 33
  • 10. OpenID + OpenSocial OpenID: Advantages and Disadvantages Advantages Accelerate SignUp process Reduce frustration of maintaining multiple Username and Password Minimize Password security risk Gain greater control over online identity Disadvantages The OpenID provider may track users’ habits. A third party authenticates your users. 10 / 33
  • 11. OpenID + OpenSocial OpenID implementations Provider Community-ID (PHP) Relying Party Prarie (PHP) Poidsy (PHP) Masquerade (Ruby) Openid4Java (Java) DjangoID (Python) jopenid (Java) Packetizer OpenID Server (Perl) DotNetOpenAuth (.NET) DotNetOpenID (.NET) JOS (Java) 11 / 33
  • 12. OpenID + OpenSocial OpenID provider: Community-ID Community-ID is a PHP implementation of an OpenID provider that is OpenID 2.0 compliant. Community-ID is completely free to use and is built 100% on Open Source software. This software is licensed under the BSD license. To use Community-ID, you only have to install it. Installation requires a web server with support for PHP 5.2.4 or greater with the MySQLi extension installed. A MySQL database (version 4.1 or greater) is also required. These modules are required: php5-core php5-mysql php5-pdo mysql php5-gd php5-gmp. 12 / 33
  • 13. OpenID + OpenSocial Relying Party: Poidsy Example
      <?php
      session_start(); // Poidsy keeps its state in $_SESSION['openid']
      if (isset($_POST['openid_url']) || isset($_REQUEST['openid_mode'])) {
          // Either the login form was submitted or the provider is calling back
          if (isset($_POST['openid_type']) && $_POST['openid_type'] != 'openid_url') {
              define('OPENID_URL', $_POST['openid_type']);
          }
          require('../../processor.php'); // the poidsy validation script
      } else {
          // [...some layout stuff...]
          if (isset($_SESSION['openid']['error'])) {
              unset($_SESSION['openid']['error']);
          } else if (isset($_SESSION['openid']['validated']) && $_SESSION['openid']['validated']) {
              unset($_SESSION['openid']['validated']);
              if (isset($_SESSION['openid']['sreg'])) {
                  // [...show data...]
                  unset($_SESSION['openid']['sreg']);
              }
          }
      }
    13 / 33
  • 14. OpenID + OpenSocial Relying Party: Poidsy Poidsy is a fully functional set of PHP scripts that acts as an OpenID relying party. The difference between Poidsy and other libraries is that this implementation does not expose the OpenID logic. It can be used without writing a single line of code. The previous example shows how to use the Poidsy library. A session must be started, in which the library stores its values. If an OpenID URL is passed to the page, the script requires the processor.php script to validate and authenticate the user. The same page is used to receive the response from the provider. If the response is an error, an error message can be printed on the screen; otherwise the response can be read and used as user data. 14 / 33
  • 15. OpenID + OpenSocial Relying Party: Pigeon 32 valor medals were awarded to pigeons during the Second World War. Only 26 to dogs. 3 to horses. Only 1 to a cat. (What did he do? Did he perhaps eat a German pigeon?!?!) Remember: when the battle starts and the situation becomes chaotic with machine guns, artillery and gas, we must trust the pigeons. The Pigeon service was implemented by Dario Mazza, Sebastiano Merlino, Marco Messina, Davide Giuseppe Monaco, Paolo Pino and Eugenio Priscimone. It uses Openid4Java to implement a fully compatible relying party for OpenID versions 1.0, 1.1 and 2.0. 15 / 33
  • 16. OpenID + OpenSocial Relying Party: Pigeon Classes Pigeon consists of three classes: PigeonService, AuthenticationServlet, OIDResponseServlet. PigeonService implementation PigeonService consists of four methods: getConsumerManager: necessary to obtain the Openid4Java ConsumerManager. discoverOnIdentifier: used to obtain the DiscoveryInformation necessary for the user’s actual authentication. createAuthRequest: used to obtain the AuthRequest to send. processData: necessary to obtain a UserId from the provider’s response. 16 / 33
  • 17. OpenID + OpenSocial Relying Party: Pigeon getConsumerManager
      private static ConsumerManager getConsumerManager(){
          if (consumerManager == null) {
              [...]
              consumerManager = new ConsumerManager();
              consumerManager.setAssociations(new InMemoryConsumerAssociationStore());
              consumerManager.setNonceVerifier(new InMemoryNonceVerifier(10000));
          }
          [...]
          return consumerManager;
      }
    This method first initializes an empty ConsumerManager, then it decides which class is responsible for storing the associations with providers. Finally the method sets a validity time for the nonce and returns the ConsumerManager. 17 / 33
  • 18. OpenID + OpenSocial Relying Party: Pigeon discoverOnIdentifier
      public static DiscoveryInformation discoverOnIdentifier(String userSuppliedIdentifier){
          DiscoveryInformation ret = null;
          ConsumerManager consumerManager = getConsumerManager();
          [...]
          List discoveries = consumerManager.discover(userSuppliedIdentifier);
          ret = consumerManager.associate(discoveries);
          [...]
          return ret;
      }
    This method first initializes a null DiscoveryInformation and then, using the ConsumerManager, discovers information about the userSuppliedIdentifier. Finally the method returns the DiscoveryInformation. 18 / 33
  • 19. OpenID + OpenSocial Relying Party: Pigeon createAuthRequest
      public static AuthRequest createAuthRequest(DiscoveryInformation discoveryInformation, String returnToAviary){
          AuthRequest retValue = null;
          [..]
          retValue = getConsumerManager().authenticate(discoveryInformation, returnToAviary);
          SRegRequest req = SRegRequest.createFetchRequest();
          retValue.addExtension(req);
          [..]
          return retValue;
      }
    This method uses the DiscoveryInformation to authenticate the user, requiring a redirect to the URL given in returnToAviary after the login. Finally the method returns the AuthRequest. 19 / 33
  • 20. OpenID + OpenSocial Relying Party: Pigeon processData
      public static UserId processData(DiscoveryInformation discoveryInformation, ParameterList parameterList, String returnToAviary){
          UserId ret = null;
          [...]
          VerificationResult verificationResult = getConsumerManager().verify(returnToAviary, parameterList, discoveryInformation);
          Identifier verifiedIdentifier = verificationResult.getVerifiedId();
          if (verifiedIdentifier != null) {
              AuthSuccess authSuccess = (AuthSuccess) verificationResult.getAuthResponse();
              ret = new UserId(UserId.Type.valueOf(me), verifiedIdentifier.getIdentifier());
          }
          [...]
          return ret;
      }
    This method first verifies the identifier with the nonce and then stores it inside a UserId. 20 / 33
  • 21. OpenID + OpenSocial Relying Party: Pigeon Authentication Servlet
      [...]
      DiscoveryInformation discoveryInformation = PigeonService.discoverOnIdentifier(userSuppliedIdentifier);
      req.getSession(true).setAttribute("discoveryInformation", discoveryInformation);
      AuthRequest authRequest = PigeonService.createAuthRequest(discoveryInformation, returnToUrl);
      res.sendRedirect(authRequest.getDestinationUrl(true));
      [...]
    OIDResponseServlet
      [...]
      UserId uid = PigeonService.processData((DiscoveryInformation) req.getSession(true).getAttribute("discoveryInformation"), new ParameterList(req.getParameterMap()), returnToUrl);
      UserHelper.setSessionUid(req,uid.getUserId());
      UserHelper.setSessionUserHash(req,uid.hashCode());
      AuthenticationResponse ar = new AuthenticationResponse(uid.getUserId());
      [...]
    21 / 33
  • 22. OpenID + OpenSocial Relying Party: Pigeon
    These two servlets respectively request authentication from the provider and receive its response. Note that the servlets only have to call the methods implemented by the Pigeon class. As the previous slides show, implementing a relying party with the Java API openid4java is also really simple. In this case, unlike with Poidsy, the software implementation is not hidden from us, so we need some knowledge of the OpenID specification to make our implementation fully general.
    22 / 33
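Slide 20 says processData verifies the identifier "with the nonce". The block below is an added illustration (not code from the slides or from openid4java) of the replay check that OpenID 2.0 requires for openid.response_nonce; NonceStore, MAX_SKEW_MS and the sample values are assumptions made for the example.

```javascript
// Added illustration of OpenID 2.0 response_nonce handling on the relying party.
// NonceStore and MAX_SKEW_MS are hypothetical names, not part of any library.
const MAX_SKEW_MS = 5 * 60 * 1000; // assumed acceptance window around "now"

class NonceStore {
  constructor() {
    this.seen = new Map(); // "endpoint\nnonce" -> nonce timestamp in ms
  }

  // Returns "ok", "malformed", "stale" or "replayed".
  check(opEndpoint, nonce, now = Date.now()) {
    // A nonce is a UTC timestamp (no fractional seconds, "Z" suffix) followed by
    // optional printable ASCII characters, 255 characters at most in total.
    const m = /^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)([\x21-\x7e]*)$/.exec(nonce);
    if (!m || nonce.length > 255) return "malformed";
    const ts = Date.parse(m[1]);
    if (Number.isNaN(ts)) return "malformed";
    // Outside the window the nonce is refused, so old entries can be purged safely.
    if (Math.abs(now - ts) > MAX_SKEW_MS) return "stale";
    this.purge(now);
    // Uniqueness is per provider endpoint, not global.
    const key = opEndpoint + "\n" + nonce;
    if (this.seen.has(key)) return "replayed";
    this.seen.set(key, ts);
    return "ok";
  }

  purge(now) {
    for (const [key, ts] of this.seen) {
      if (now - ts > MAX_SKEW_MS) this.seen.delete(key);
    }
  }
}
```

Only an "ok" result should let the response go on to signature verification; in a multi-server deployment the store has to be shared between instances, otherwise a replay sent to a different instance passes.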
  • 23. OpenID + OpenSocial OpenSocial
    It’s open, it’s social, it’s up to you
    OpenSocial is a set of web APIs designed by Google, MySpace and many other web organizations with the objective of making every application that implements it interoperable with any social network system that supports it. It is a set of two APIs, one for JavaScript and one for REST. The JavaScript API is designed for “web gadgets” written in Google’s gadgets architecture. The REST API is for other apps: desktop, mobile and server. Gadgets are written using the Gadgets API. Any site that can host gadgets is called a container.
    23 / 33
  • 24. OpenID + OpenSocial OpenSocial: Gadgets
    Structure of a Gadget

        <?xml version="1.0" encoding="UTF-8" ?>
        <Module>
          <ModulePrefs title="Hello World!">
            <Require feature="opensocial-0.8" />
          </ModulePrefs>
          <Content type="html">
            <![CDATA[
              Hello, world!
            ]]>
          </Content>
        </Module>

    <Module> indicates that this XML contains a gadget.
    <ModulePrefs> contains information about the gadget.
    <Require feature="opensocial-0.8" /> denotes a required feature of the gadget.
    <Content type="html"> indicates that the gadget’s content type is HTML.
    24 / 33
  • 25. OpenID + OpenSocial OpenSocial: Container
    Apache Shindig
    The reference implementation of an OpenSocial container is Apache Shindig. An OpenSocial container is not merely a box designed to contain gadgets; it is also involved in creating a social infrastructure between the members of the site implementing the API. There are two implementations of the Shindig container, Java and PHP; both versions have 3 major server-side components:
      Persistent Data Loading Mechanism
      Gadget Rendering Infrastructure
      OpenSocial server-side Implementation
    25 / 33
  • 26. OpenID + OpenSocial OpenSocial: Container
    Some features are client-side, like:
      The real gadget container (in JavaScript)
      The OpenSocial container
      JSON, RESTful and Caja support
    OpenSocial APIs
    The OpenSocial APIs implemented are:
      OpenSocial REST: for Server-to-Server communications
      OpenSocial JSON-RPC: for Gadget-to-Server communications
      JavaScript: for Gadgets implementation
    26 / 33
  • 27. OpenID + OpenSocial OpenSocial: Container Implementation
    Shindig Installation
    Installing Shindig is really simple. It just consists of extracting the downloaded archive into the directory where you wish to install Apache Shindig.
    For the J2EE version, the installation consists of copying the WAR file to $TOMCAT_HOME/webapps if the server used is Tomcat. Building from source requires Java 1.5 or later with the JAVA_HOME environment variable set and Apache Maven already installed.
    For the PHP version you just have to copy shindig-php into a directory in /var/www, assuming you have installed an Apache server with PHP. Prerequisites are PHP 5.2.x with mod_rewrite enabled and with the json, simplexml, mcrypt and curl extensions enabled.
    27 / 33
  • 28. OpenID + OpenSocial OpenSocial: Container Implementation
    To personalize your container (client-side, in JS) you have to override methods of the default implementation, changing their functionality to match what you want. Usually you have to rewrite the main function, renderGadgets.
    M4P2
    M4P2 is an extension of the JavaScript client-side Shindig container that adds some functionality to it using the jQuery library. It was created by Dario Mazza, Sebastiano Merlino, Marco Messina, Davide Giuseppe Monaco, Paolo Pino and Eugenio Priscimone. It consists of a single JS script that can be used as a container for OpenSocial gadgets.
    28 / 33
  • 29. OpenID + OpenSocial OpenSocial: Container Implementation

        function renderGadgets(incoming, enable_cb, disable_cb) {
            enable_sorting = (typeof(enable_cb) == 'function') ? enable_cb : function() {};
            disable_sorting = (typeof(disable_cb) == 'function') ? disable_cb : function() {};
            [...]
            // eval() runs "incoming" as code, so the string must come from a trusted source.
            eval("var json_data = " + incoming);
            var ids = [];
            var urls = [];
            // Register every gadget listed in the incoming data.
            for (var el in json_data) {
                ids.push(json_data[el].id);
                var buffer = gadgets.container.createGadget({specUrl: json_data[el].url});
                gadgets.container.addGadget(buffer);
                urls.push(buffer);
            }
            gadgets.container.layoutManager.setGadgetChromeIds(ids);
            // Render each registered gadget and size its iframe.
            for (var el in urls) {
                gadgets.container.renderGadget(urls[el]);
                var gadgetIframe = document.getElementById(urls[el].getIframeId());
                gadgetIframe.setAttribute('style', 'width: 100%; max-height: 400px;');
            }
            gadgets.container.refreshGadgets();
        }

    29 / 33
  • 30. OpenID + OpenSocial OpenSocial: Container Implementation
    M4P2
    The previous slide shows a piece of code from the overridden renderGadgets function. This function accepts three parameters: incoming, enable_cb and disable_cb. The first parameter is a string in JSON format:

        [{'id':'gadget-chrome-x','url': 'gadgets/Login/Login.xml'},{
        'id':'gadget-chrome-y',
        'url':'http://localhost:8080/examples/getFriendsHasApp.xml'
        }]

    “id” indicates the name of the div that has to contain the gadget.
    “url” is the path to reach the gadget.
    The block that follows registers the gadget and renders it.
    30 / 33
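renderGadgets on slide 29 turns the incoming string into data with eval(), which executes whatever the string contains. The block below is an added example (not part of M4P2 or Shindig) that parses the same list as data only and validates each entry before it would reach createGadget; parseGadgetList, ALLOWED_ORIGINS, CHROME_ID and the base URL are assumptions made for the example.

```javascript
// Added example: parse and validate the "incoming" gadget list without eval().
// ALLOWED_ORIGINS, CHROME_ID and parseGadgetList are hypothetical names.
const ALLOWED_ORIGINS = new Set(["http://localhost:8080"]); // assumed container policy
const CHROME_ID = /^gadget-chrome-[A-Za-z0-9_-]+$/;         // id format used on slide 30

function parseGadgetList(incoming, baseUrl) {
  let data;
  try {
    data = JSON.parse(incoming); // data only: nothing in the string is executed
  } catch (e) {
    throw new Error("gadget list is not valid JSON");
  }
  if (!Array.isArray(data)) throw new Error("gadget list must be an array");

  const seen = new Set();
  return data.map((entry, i) => {
    if (entry === null || typeof entry !== "object") {
      throw new Error(`entry ${i}: not an object`);
    }
    const { id, url } = entry;
    // The id becomes a DOM element id, so restrict it to the expected shape.
    if (typeof id !== "string" || !CHROME_ID.test(id)) throw new Error(`entry ${i}: bad id`);
    if (seen.has(id)) throw new Error(`entry ${i}: duplicate id`);
    seen.add(id);
    if (typeof url !== "string") throw new Error(`entry ${i}: bad url`);
    // Resolve relative spec paths against the container, then check the origin.
    const resolved = new URL(url, baseUrl); // throws on unparsable input
    if (!["http:", "https:"].includes(resolved.protocol) ||
        !ALLOWED_ORIGINS.has(resolved.origin)) {
      throw new Error(`entry ${i}: url not allowed`);
    }
    return { id, specUrl: resolved.href };
  });
}
```

The single-quoted list shown on slide 30 is accepted by eval() but is not strict JSON, so JSON.parse rejects it; the code that produces the list has to emit double-quoted keys and strings.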
  • 31. OpenID + OpenSocial A final merge

        <?xml version="1.0" encoding="UTF-8"?>
        <Module>
          <ModulePrefs title="OpenSocial - Login utente" height="250">
          </ModulePrefs>
          <Content type="html">
            <![CDATA[
              [...javascript inclusions...]
              [...do some stuff to print layout...]
              function accesso(){
                // "logstring" holds the user name and the provider name, separated by "-".
                var parametri = document.getElementById("logstring").value.split("-");
                var username = parametri[0];
                var opname = parametri[1];
                // Values are URL-encoded so they cannot add or alter query parameters.
                if(username==none){
                  window.location = "http://www.example.com:8080/openid/auth?op=" + encodeURIComponent(opname);
                } else {
                  var uid = document.getElementById("userid").value;
                  window.location = "http://www.example.com:8080/openid/auth?op=" + encodeURIComponent(opname) + "&uid=" + encodeURIComponent(uid);
                }
                [...do some stuff to fill form...]
              }
            ]]>
          </Content>
        </Module>

    31 / 33
  • 32. OpenID + OpenSocial A final merge
    An OpenID gadget
    The previous slide shows an example of an OpenID login gadget. This example uses a modified Shindig container (M4P2) together with a relying party, “Pigeon”, developed on openid4java and connecting to a huge number of providers.
    At this point we have built our global authentication tool, which uses OpenID to make the user's life easier. In addition, we can distribute our gadget to any site that implements an OpenSocial container and wants to use it.
    Supposing we want to start our own OpenID provider, this could be an extremely interesting example of software distribution as advertisement.
    An interesting plan for the future could be to also implement support for OAuth, allowing easy data exchange and creating an automatic site ring.
    32 / 33
  • 33. OpenID + OpenSocial Links...
      openid.net/developers/specs/ - to read about OpenID specifications.
      step2.googlecode.com/svn/spec/openid_oauth_extension/latest/ - article and specifications about the OAuth extension of OpenID.
      wiki.openid.net/Run-your-own-identity-server - A link to a collection of libraries for building an OpenID provider.
      code.google.com/intl/it-IT/apis/opensocial/ - The official OpenSocial project page.
      shindig.apache.org/ - Shindig official web page.
    33 / 33