kgbu/erlauth

erlauth

This is a library for attaching OAuth and OpenID interfaces to your applications.

Copyright (C) 2009 OGAKI, Kazutaka <ogakikz@jin.gr.jp>

 
This program is copyrighted free software by OGAKI, Kazutaka. You can
redistribute it and/or modify it under the General Public License version 2
with some additional conditions (see the file COPYING).

Application Architecture

*Major subjects

- provider (original contents' service provider)
- user (end user, watching on a browser screen)
- consumer (Contents Aggregator)

All communication is done via HTTP, as defined in the OAuth/OpenID specs.
HTTP requests/responses are converted and delivered to Erlang ports.
This library would cover part of the port functions.

*Authentication

user				consumer			provider
|-----------------------------------request(null_session_key)----->|
                                                                   |
|<-------------------401 : authorization required -----------------|
|
|------------------------------------------- id, password -------->|
                                                                   |
|<-------------------OK : set session key -------------------------|
|
|----------------------------------request(valid_session_key)----->|
                                                                   |
|<-------------------200: authorization OK: contents---------------|


*Authorization

**initial case

user				consumer			provider
|------- Request(URL) ----------->|
                                  |
                                  |--- request(URL(content_id))--->|
                                                                   |
                                  |<-- 401: Auth required(token)---|
                                  |
|<-- 401: Auth required(token)----|
|
calculate hash(token) via session key and Nonce
|
|-Request(URL+hash)-------------->|
                                  |
                                  |-request(URL+hash)------------->|
                                                                   |
                                  |<-- 200: OK : contents   -------|
                                  |
|<-- 200: OK : contents   --------|


**Persistent proxying (delegation)

In this case,
- Nonce includes a timeout.
- session key can be abandoned at any time
- URL has a range (for various requests, not including upper-level references)

**Session key abandon (re-calculate)
This can be done by replaying the initial Authentication with null_session_key.
The provider shall hold the session_key as valid while the correct id:password pair is given.
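
The hash step of the Authorization flow together with the delegation constraints above (nonce timeout, URL range, abandonable session key), as an added example that is not erlauth's own code. HMAC-SHA256, the nonce layout, the module name and every function name are assumptions; the README does not specify them.

```erlang
%% Added example, not erlauth code. Names are hypothetical; HMAC-SHA256 is assumed.
-module(erlauth_example).
-export([new_nonce/1, sign/4, verify/6, demo/0]).

%% Nonce that "includes timeout": 16 random bytes plus an absolute expiry.
new_nonce(TtlSecs) ->
    {crypto:strong_rand_bytes(16), erlang:system_time(second) + TtlSecs}.

%% User side: keyed hash of the token, bound to the nonce and the URL range.
sign(SessionKey, Token, {Rand, Expiry}, Range) ->
    Msg = [frame(Token), frame(Rand), <<Expiry:64>>, frame(Range)],
    crypto:mac(hmac, sha256, SessionKey, Msg).

%% Length-prefix each field so bytes cannot shift between adjacent fields.
frame(Bin) -> <<(byte_size(Bin)):32, Bin/binary>>.

%% Provider side: check the hash first, because expiry and range are only
%% trustworthy once the hash computed over them has verified.
verify(SessionKey, Token, {_, Expiry} = Nonce, Range, Url, Mac) ->
    Fresh = erlang:system_time(second) < Expiry,
    case equal(sign(SessionKey, Token, Nonce, Range), Mac) of
        false -> {error, bad_hash};
        true when not Fresh -> {error, expired};
        true -> case in_range(Range, Url) of
                    true -> ok;
                    false -> {error, out_of_range}
                end
    end.

%% Range is a prefix ending in "/"; Url is assumed to be percent-decoded already.
in_range(Range, Url) ->
    Size = byte_size(Range),
    case Url of
        <<Range:Size/binary, Rest/binary>> ->
            not lists:member(<<"..">>, binary:split(Rest, <<"/">>, [global]));
        _ -> false
    end.

%% Comparison that does not stop at the first differing byte.
equal(A, B) when byte_size(A) =:= byte_size(B) ->
    Pairs = lists:zip(binary_to_list(A), binary_to_list(B)),
    lists:foldl(fun({X, Y}, Acc) -> Acc bor (X bxor Y) end, 0, Pairs) =:= 0;
equal(_, _) -> false.

%% Constructed inputs: in range, upper-level reference, abandoned key, altered expiry.
demo() ->
    {Key, Token, Range} = {<<"constructed-key">>, <<"constructed-token">>, <<"/feeds/alice/">>},
    Nonce = {Rand, _} = new_nonce(300),
    Mac = sign(Key, Token, Nonce, Range),
    [verify(Key, Token, Nonce, Range, Url, Mac) || Url <- [<<"/feeds/alice/2009">>, <<"/feeds/alice/../bob">>]]
    ++ [verify(<<"replacement-key">>, Token, Nonce, Range, <<"/feeds/alice/2009">>, Mac),
        verify(Key, Token, {Rand, 0}, Range, <<"/feeds/alice/2009">>, Mac)].
```

Compile with `erlc erlauth_example.erl` and call `erlauth_example:demo().` from the shell; `crypto:mac/4` needs OTP 22.1 or later.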

About

Erlang codes on OAuth and OpenID
