Upgrade to Pro — share decks privately, control downloads, hide ads and more …

15-437 OAuth 2.0

ThierrySans
November 11, 2014

15-437 OAuth 2.0

ThierrySans

November 11, 2014
Tweet

More Decks by ThierrySans

Other Decks in Education

Transcript

  1. Single-Sign-On (SSO) • Pubcookie (a.k.a webiso) • OpenID • SAML

    (Security Assertion Markup Language) • OAuth • Mozilla Persona 1998 2005 2005 2010 2011 among others …
  2. How to use OAuth The way OAuth is implemented by

    Identity Providers varies • Google
 https://developers.google.com/accounts/docs/OAuth2 • Twitter
 https://dev.twitter.com/oauth • Facebook
 https://developers.facebook.com/docs/facebook-login/login-flow-for-web/v2.2 • Github
 https://developer.github.com/v3/oauth/
  3. OAuth in Django • Python OAuth Toolkit
 https://django-oauth-toolkit.readthedocs.org/en/latest/ models.html •

    Python Social OAuth
 https://github.com/omab/python-social-auth • django-allauth
 https://github.com/pennersr/django-allauth
  4. Configure Google On console.developers.google.com 1. Create a new project 2.

    Create a new credential 
 API management > Credentials
  5. Configure the project and migrate INSTALLED_APPS = [ ... 


    'django.contrib.sites', 'allauth', 'allauth.account', ‘allauth.socialaccount', ‘allauth.socialaccount.providers.google', # use Google ] TEMPLATES = [ ... 'context_processors': [ ... 'django.template.context_processors.request', ], ... LOGIN_REDIRECT_URL = '/' AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.ModelBackend', 'allauth.account.auth_backends.AuthenticationBackend', ) ACCOUNT_USERNAME_REQUIRED = False ACCOUNT_EMAIL_VERIFICATION = "none" SOCIALACCOUNT_QUERY_EMAIL = True SITE_ID = 1 simpsonsapp/settings.py