Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
An sampe web based email provider that provides first class BrowserID support.
JavaScript CSS Shell
branch: master

Merge pull request #31 from fmarier/mysql_instructions

Add MySQL instructions to the README
latest commit 5f0b45ba11
@fmarier fmarier authored

README.md

EyeDee.Me

EyeDee.Me is an example Indentity Provider for the BrowserID protocol. This protocol is used by Mozilla Persona to authenticate users across the web.

EyeDee.Me styles itself like an email provider, but does not actually handle any email. Rather, it exists solely as an example for how services, such as email providers, can provide first-class support for BrowserID.

Setup

EyeDee.Me requires Node.js, npm, a MySQL database, and a webserver acting as a reverse proxy / SSL terminator. Once those are in place:

  1. Clone this repository.

  2. Execute npm install in the root of your clone to get all of the necessary Node libraries.

  3. Generate a signing keypair by launching node and running:

    jwk = require("jwcrypto/jwk");
    keypair = jwk.KeyPair.generate('RS', 128);
    console.log(keypair.publicKey.serialize());
    console.log(keypair.secretKey.serialize());
    
  4. Store the keys somewhere safe.

  5. Create a MySQL user and database:

    $ mysql -uroot -p
    > CREATE USER 'eyedeeme'@'localhost';
    > CREATE DATABASE eyedeeme;
    > GRANT ALL ON eyedeeme.* TO 'eyedeeme'@'localhost';
    > FLUSH PRIVILEGES;
    

Running

You must set four environment variables before EyeDee.Me will function:

  1. PUBLIC_KEY: The public key, as printed by the script above. Default: Ephemeral key, generated at runtime.

  2. PRIVATE_KEY: The secret key, as printed by the script above. Default: Ephemeral key, generated at runtime.

  3. MYSQL_URL: A connection string for your MySQL database, in the form mysql://user:pass@host:port/dbname. Default: mysql://eyedeeme@127.0.0.1:3306/eyedeeme

  4. PORT: A port for EyeDee.Me to listen on. Default: random.

Once those are available, you can run EyeDee.me with ./bin/eyedeeme or npm start.

Because the BrowserID protocol requires SSL on connections to Identity Providers, you must also configure a reverse proxy or SSL teminator to accept HTTPS connections and forward them to a running EyeDee.Me instance, such as the one on the port defined above. Otherwise, your users will not be forwarded to your Identity Provider for authentication when logging in to sites with Persona.

Something went wrong with that request. Please try again.