[Forum] OpenID provider

orwell
Member
 
Posts: 694
Joined: Wed Jun 24, 2015 18:45
Location: Raxacoricofallapatorius
In-game: orwell

[Forum] OpenID provider

by orwell » Wed Jun 27, 2018 12:14

The Minetest forum is the main platform for all things going on in the Minetest community. Recently, however, other platforms have become or will become more important, such as the Content Database. Since M$ has bought GitHub, I run a private issue tracker for my mods at http://mantis.bleipb.de/. Also, I heard that some servers have implemented or plan to implement some sort of authentication outside Minetest, to prevent griefers from just changing their user name.

Since almost every member of the community has an account here on the forum, it would be convenient if the forum would provide an OpenID service that allows other services (content database, minetest servers) to authenticate users via the forum login.

Since such a thing does not exist for phpBB, and I don't think that a forum software switch will happen in the near future, I was thinking about implementing such an OpenID endpoint for phpBB myself. It would build upon the OpenID Connect standard, Authorisation Code Flow (http://openid.net/specs/openid-connect- ... deFlowAuth), while issuing only the ID tokens and no access tokens at all, because we won't need or have any API for manipulating users' forum posts.

However, I first want to collect some opinions from the community. What do you think about this?
Lua is great!
List of my mods
I like singing. I like dancing. I like ... niyummm...
 

rubenwardy
Moderator
 
Posts: 5473
Joined: Tue Jun 12, 2012 18:11
Location: United Kingdom
GitHub: rubenwardy
IRC: rubenwardy
In-game: rubenwardy

Re: [Forum] OpenID provider

by rubenwardy » Wed Jun 27, 2018 12:18

From reading, it looks like OpenID is a subset of OAuth2, which sounds good to me. OAuth2 is very nice to implement, more so when we won't need access or refresh tokens.
 


Re: [Forum] OpenID provider

by orwell » Wed Jun 27, 2018 12:28

Code:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
"access_token": "foo",
"token_type": "Bearer",
"id_token": ...
}

EDIT: no, the ID token does not contain the actual ID information, it is just a verifier.
EDIT2: yes, it is, section 7.3
Lua is great!
List of my mods
I like singing. I like dancing. I like ... niyummm...
 

