Permalink
Switch branches/tags
Nothing to show
Find file
Fetching contributors…
Cannot retrieve contributors at this time
74 lines (55 sloc) 2.52 KB
erlauth
This is the library to attach OAuth and OpenID interface to your applications.
Copyright (C) 2009 OGAKI, Kazutaka <ogakikz@jin.gr.jp>
This program is copyrighted free software by OGAKI, Kazutaka. You can
redistribute it and/or modify it under the General Public License version 2
with some additional conditions (see the file COPYING).
Application Architecture
*Major subjects
- provider (original contents' service provider)
- user(End user: watching on browser screen)
- consumer (Contents Aggregator)
Every communication are done via HTTP, and defined in OAuth/OpenID specs.
HTTP request/responces are converted and arrived to Erlang ports.
This library would cover part of port functions.
*Auhtentication
user consumer provider
|-----------------------------------request(null_session_key)----->|
|
|<-------------------401 : authorization required -----------------|
|
|------------------------------------------- id, password -------->|
|
|<-------------------OK : set session key -------------------------|
|
|----------------------------------request(valid_session_key)----->|
|
|<-------------------200: authorization OK: contents---------------|
*Authorization
**initial case
user consumer provider
|------- Request(URL) ----------->|
|
|--- request(URL(content_id))--->|
|
|<-- 401: Auth requierd(token)---|
|
|<-- 401: Auth requierd(token)----|
|
calculate hash(token)via session key and Nonce
|
|-Request(URL+hash))------------->|
|
|-request(URL+hash)------------->|
|
|<-- 200: OK : contents -------|
|
|<-- 200: OK : contents --------|
**Persistent proxying(delegation)
In this case,
-Nonce includes timout.
-session key can be abandoned at any time
-URL has range (for various request.. not including upper level reference)
**Session key abandon (re-calculate)
This can be done re-play initial Authentication with null_session_key.
privider shall hold session_key as valid while correct id:password pair is given.