Simple behind-the-scenes API authentication with OAuth2

Like many others I’ve been spending a lot of time with OAuth2 lately. The single-sign-on system we’ve built at GDS acts as a very simple OAuth provider for our other apps (effectively just joining up the oauth2-provider and devise gems), and we’re probably going to be extending our API adapter code so that we can use it for those apps whose APIs need authentication. What I’d not explored for a while was the simplest way to implement app-to-app OAuth where there’s no UI for user interaction, so over the New Year break I pulled something together for another project. It’s all pretty straightforward but not very well documented, so I thought I’d better share. ...

Adding actions to Devise controllers

It wasn’t the most fun I could imagine having during a “holiday season” but while holed up in Chicagoland over Christmas I spent a couple of days porting a few of my older Rails apps to use a more up-to-date stack: Rails 3, Devise, Inherited Resources, Formtastic, etc. The idea is that if the apps are on a stack I use every day, I’ll spend less of my time reloading old tools into my head when the inevitable tweaks are required. We’ll see how that goes. ...

A Ruby on Rails OpenID Server

Since I wrote my first piece on extending a Rails app to accept OpenID, quite a few other tutorials and an official plugin have appeared to make that process easier. OpenID is quickly becoming quite mainstream, at least amongst developers, and that is very good news. It’s becoming so mainstream in fact, that recently I’ve been asked to implement an OpenID server on top of an existing user database so that those users can have an easy single-sign-on option across a range of sites. Writing the server side piece is not quite so straightforward and there’s not much documentation yet. A few sample servers are available but the Rails examples don’t run cleanly on the latest gems, so while I took some code from them it made most sense to start from scratch. Over the past couple of days I’ve hacked together something that works for me and even though it could still do with some polish a few notes follow. Please do use the comments to correct anything I may have gotten wrong or skipped over. ...

OpenID for a Ruby on Rails app

The buzz about OpenID keeps building, and with the announcement that all AOL/AIM users now automatically have OpenIDs it doesn’t look set to slow down any time soon. For those who’re not familiar with the concept, OpenID is a distributed single sign-on system that lets you set up one account and then log in to any OpenID compliant site using that account. For a better introduction, check out this screencast from Simon Willison. ...

Granting and Checking Permissions with LiveUser

I was reminded by maxi_million in the comments on one of my previous LiveUser tutorial entries that I never completed the promised third entry in that series. After the initial procrastination wore off and I initially turned my mind to writing this piece, my main project using LiveUser ended up being converted (for various reasons) into a Drupal site, so my further use of the library has been quite minimal. But I do have a little code sitting around, so will try and draw together a few notes on how I was using LiveUser. ...

LiveUser Documentation

It’s taking me a while to get to my next installment on LiveUser but in the meantime, readers may want to check out the updated documentation that Lukas published yesterday. It’s not yet a comprehensive introduction/guide to the package, but gathering together a lot of the available information is a huge step forward.

Getting Started with LiveUser Permissions

UPDATE (Aug 9th ‘05): Thanks to feedback from Lukas Smith and Laurens Nienhaus I’ve made some updates which show better ways to get at some properties. Having described in my ‘Configuring LiveUser’ entry how to configure and instantiate LiveUser it’s now time to talk about how we start connecting together our login system with more sophisticated permissions management. This time around we’re going to be making use of the LiveUser_Admin module, which can be instantiated using the same configuration array as LiveUser, with: ...

Configuring LiveUser

For a current (PHP) project I need a highly flexible authentication and permissions management system. Having heard plenty of mentions on the various PEAR lists I decided to try out LiveUser, which seems to currently be the most comprehensive such system for PHP. It’s a large codebase that seems to cover most of the necessary permutations and includes a number of prominent coders amongst its developers. What I hadn’t taken into account, of course, was the lack of documentation. I spent quite a while trawling through their wiki and googling before concluding that the best way to work LiveUser out would be to work through the code piece by piece. And since that’s a long, slow process it seemed worth documenting here. I’m going to do that step by step, starting today with configuration and instantiation. ...