Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Open edX Con 2017 — OAuth Lighting Talk

34b8765e9b3e4a8ec709c7b3d50f2a9b?s=47 Miguel Amigot
May 25, 2017
Education
1
71

Open edX Con 2017 — OAuth Lighting Talk

Using Open edX's OAuth-based authentication system to extend the platform

34b8765e9b3e4a8ec709c7b3d50f2a9b?s=128

Miguel Amigot

May 25, 2017
Tweet

Other Decks in Education

See All in Education
18cdb6f294c8cb10a46167e462c2a51f?s=48 matleenalaakso
0
2.6k
13e0500d2721da6352a312b77b98c4f6?s=48 utokyoissr2360
0
200
Fffb9af58e08cf384f2a8c1c40c3d38d?s=48 yasulab
2
1.7k
58660723de21de826f67924c8498336c?s=48 yasslab
PRO
2
370k
5314ec2302336bf68c95bdb5b1476227?s=48 furuhashilab
0
120
C002578e20fc7015b8d555c85c1f0e99?s=48 norikokato
0
140
Fc104451852faeb0a42499180f53a1ff?s=48 tkimura12
0
120
15d05906370266398f014184d86d17c5?s=48 cyber_unfold
0
140
E49f52f943e3f1ee664e949ae95a235b?s=48 y_ogawa_mhg
1
170
045f8f20618183eb17491b167f8b865c?s=48 willihon
0
110
33246db62d13c2b91289bff69c485822?s=48 notsurprised
0
320
C002578e20fc7015b8d555c85c1f0e99?s=48 norikokato
0
150

Featured

See All Featured
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
193
8.7k
0fe2973fa8d27d96547e43322341183a?s=48 swwweet
206
7k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
119
16k
25c7c18223fb42a4c6ae1c8db6f50f9b?s=48 mojombo
360
62k
Dafc4723e9a1c067796c0fec6f509774?s=48 lemiorhan
631
48k
56c4053438af8e8b90d6f53cbb7573be?s=48 jakevdp
776
200k
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1021
390k
2bb923c57a1fdc3a2eb484bb8d565fd2?s=48 ufuk
57
5.5k
651dcfe41723207fbb0aa044a4f7c07f?s=48 dotmariusz
94
5.6k
39488f9d172ab92fd352f2cd7b73258d?s=48 mza
81
4.2k
E195ae45320d9202eaa01c9f1d31a416?s=48 marktimemedia
8
510
E76911cbe088e5b850d966de3fc7435b?s=48 robhawkes
53
2.9k

Transcript

  1. OPEN EDX & OAUTH2 Scalable Extensions to the Platform Miguel

    Amigot CTO

  2. WHY THIS IS INTERESTING

  3. OPEN EDX IS INCREASINGLY MOVING TO MICROSERVICES

  4. CAN DEPLOY SEPARATE WEBSITES AND SERVICES

  5. USE CASES Insights and Ecommerce (already) 1 Customized admin dashboards

    2 3 Instructor news feed?

  6. INSIGHTS

  7. HOW DO WE HANDLE USER ACCOUNTS?

  8. SINGLE SIGN-ON Use edx-platform’s data 1 Referenced — but keep

    sessions 2 3 Single sign-on & single sign-out

  9. HOW DOES THIS WORK?

  10. OAUTH (MOSTLY) edx/edx-platform Provider Clients edx-analytics-dashboard ecommerce credentials

  11. OAUTH (SIMPLIFIED) Register the client on edx/edx-platform (get an app

    client ID and a client secret) 1 2 Exchange these credentials on the client for access tokens and use these to get resources

  12. /admin/oauth2/client/add/

  13. BUT OAUTH DOESN’T SAY WHO THE USER IS…

  14. …SINCE THE ACCESS TOKEN IS OPAQUE TO THE CLIENT

  15. oauth.net/articles/authentication

  16. SUPPLEMENT OAUTH WITH OPENID CONNECT

  17. OPENID CONNECT OAuth client IDs, client secrets and access tokens

    + A user identifier attached to each request

  18. EDX HAS AN OPENID CONNECT AUTH BACKEND

  19. edx/auth-backends

  20. CALLING IT FROM EACH CLIENT

  21. pip install edx-auth-backends

  22. settings/base.py

  23. Login and Logout URLs

  24. MAIN POINTS EdX is moving to microservices… and auth is

    obviously ready 1 Built on popular standards: OAuth and OpenID Connect* 2 3 Easy to build separately scalable services with user auth

  25. QUESTIONS? miguel@ibleducation.com @miguelamigot