-
Notifications
You must be signed in to change notification settings - Fork 0
Erlang codes on OAuth and OpenID
License
kgbu/erlauth
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
erlauth This is the library to attach OAuth and OpenID interface to your applications. Copyright (C) 2009 OGAKI, Kazutaka <ogakikz@jin.gr.jp> This program is copyrighted free software by OGAKI, Kazutaka. You can redistribute it and/or modify it under the General Public License version 2 with some additional conditions (see the file COPYING). Application Architecture *Major subjects - provider (original contents' service provider) - user(End user: watching on browser screen) - consumer (Contents Aggregator) Every communication are done via HTTP, and defined in OAuth/OpenID specs. HTTP request/responces are converted and arrived to Erlang ports. This library would cover part of port functions. *Auhtentication user consumer provider |-----------------------------------request(null_session_key)----->| | |<-------------------401 : authorization required -----------------| | |------------------------------------------- id, password -------->| | |<-------------------OK : set session key -------------------------| | |----------------------------------request(valid_session_key)----->| | |<-------------------200: authorization OK: contents---------------| *Authorization **initial case user consumer provider |------- Request(URL) ----------->| | |--- request(URL(content_id))--->| | |<-- 401: Auth requierd(token)---| | |<-- 401: Auth requierd(token)----| | calculate hash(token)via session key and Nonce | |-Request(URL+hash))------------->| | |-request(URL+hash)------------->| | |<-- 200: OK : contents -------| | |<-- 200: OK : contents --------| **Persistent proxying(delegation) In this case, -Nonce includes timout. -session key can be abandoned at any time -URL has range (for various request.. not including upper level reference) **Session key abandon (re-calculate) This can be done re-play initial Authentication with null_session_key. privider shall hold session_key as valid while correct id:password pair is given.
About
Erlang codes on OAuth and OpenID
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published