[Forum] OpenID provider

Post Reply
User avatar
orwell
Member
Posts: 825
Joined: Wed Jun 24, 2015 18:45
GitHub: orwell96
IRC: orwell96_mt
In-game: orwell
Location: Raxacoricofallapatorius

[Forum] OpenID provider

by orwell » Post

The Minetest forum is the main platform for all things going on in the Minetest community. In the recent time, however, other platforms have or will become more important, such as the Content Database. Since M$ has bought Github, I run a private issue tracker for my mods at http://mantis.bleipb.de/. Also, I heard that some servers have or plan to implement some sort of authentication outside minetest, to prevent griefers from just changing their user name.

Since almost every member of the community has an account here on the forum, it would be convenient if the forum would provide an OpenID service that allows other services (content database, minetest servers) to authenticate users via the forum login.

Since such a thing does not exist for PhpBB, and I don't think that a forum software switch will happen in the near future, I was thinking about implementing such an OpenID endpoint for PhpBB myself. It would build upon the OpenID Connect standard, Authorisation Code Flow (http://openid.net/specs/openid-connect- ... deFlowAuth), while issuing only the ID tokens and no access tokens at all, because we won't need or have any API for manipulating user's forum posts.

However, I first want to collect some opinions from the community. What do you think about this?
Lua is great!
List of my mods
I like singing. I like dancing. I like ... niyummm...

User avatar
rubenwardy
Moderator
Posts: 6158
Joined: Tue Jun 12, 2012 18:11
GitHub: rubenwardy
IRC: rubenwardy
In-game: rubenwardy
Location: United Kingdom
Contact:

Re: [Forum] OpenID provider

by rubenwardy » Post

From reading, it looks like OpenID is a subset of oauth2 which sounds good to me. OAuth2 is very nice to implement, more so when we won't need access or refresh tokens

User avatar
orwell
Member
Posts: 825
Joined: Wed Jun 24, 2015 18:45
GitHub: orwell96
IRC: orwell96_mt
In-game: orwell
Location: Raxacoricofallapatorius

Re: [Forum] OpenID provider

by orwell » Post

Code: Select all

 HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
"access_token": "foo",
"token_type": "Bearer", 
"id_token": ...
}
EDIT: no, the ID token does not contain the actual ID information, it is just a verifier.
EDIT2: yes, it is, section 7.3
Lua is great!
List of my mods
I like singing. I like dancing. I like ... niyummm...

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest