Ember and OAuth2 Boston Ember.js March 9, 2017 Stephen Vance
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Ember and OAuth2Boston Ember.js March 9, 2017 Stephen Vance
What We’ll Cover
• What is OAuth2?
• ember-simple-auth
• torii
• The Big Picture
2
OAuth2• Authentication (who you are) and Authorization (what can you do)
• OAuth is an authorization protocol
• Why do we use it for authentication?
• Implicit and authorization code grant types
• Scopes
3
Authorization Code Grant
AppBob1. Use GitHub
GitHub2. Bob wants access
3. Can App have access?
4. Bob says yes (authorization code)
Auth Server
5. I need a key
6. A
uth
code
+
secr
et
7. Token + scopes
8. Token + scopes
4
ember-simple-auth (ESA)
Client-side session
Authenticates the session
Authorizes requests
5
How ESA Works• session service
• Authenticators (ToriiAuthenticator)
• ApplicationRouteMixin
• AuthenticatedRouteMixin
• UnauthenticatedRouteMixin
• Authorizers
• DataAdapterMixin
6
How torii Works
• Simple API: open, fetch, close
• Can be used by itself (e.g., ember-twiddle)
8
9
For Reference• OAuth2 RFC: https://tools.ietf.org/html/rfc6749
• Section 4.1 details Authorization Code Grant
• ember-simple-auth: https://github.com/simplabs/ember-simple-auth
• GitHub with torii Guide: https://github.com/simplabs/ember-simple-auth/blob/master/guides/auth-torii-with-github.md
• torii: https://github.com/Vestorly/torii
• GitHub API docs: https://developer.github.com/v3/
• OAuth details: https://developer.github.com/v3/oauth/
• ember-data-github: https://github.com/elwayman02/ember-data-github
10
Usage Examples
• https://github.com/srvance/simple-auth-torii-github-demo
• https://github.com/srvance/git-time-machine
• https://github.com/ember-cli/ember-twiddle
• https://github.com/hawkup/github-stars
11
Contact MeStephen Vance
http://www.vance.com
@StephenRVance
srvance on GitHub and LinkedIn
12
Related Documents
