Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
[PROPOASL] SSO: Support to prevent asking password again to already authenticated users on supported reliers #2637
How about separate, trusted+supported, web application could just "log you in" without asking your password more than once. a.k.a. SSO
The following patch would make FxA able to give an OAuth2 one time
Idea is that each relier could then use the token, ask a "source of truth" (i.e.
To see the idea in action, see this video where you'll see two separate wikis, on different domains, ensures the session state is in sync with FxA.
More notes about the feature
OAuth server patch
Refer to this this gist
Set in place two HTTP handlers on web app relier
PHP Backend strawaman
There were the following issues with your Pull Request
Guidelines are available at https://github.com/mozilla/fxa-content-server/blob/master/CONTRIBUTING.md#git-commit-guidelines
This message was auto-generated by https://gitcop.com
referenced this pull request
Jun 26, 2015
Seconded, it was really great to see this come together at Whistler.
We can't justify merging this to mainline without a compelling use-case within the Firefox connected experience, but two notes:
IIUC, the core of the experience here is just skipping the "signin" prompt entirely for a certain set of reliers. I wonder if that could be useful more broadly than just the sso scope you outline here. Worth thinking about.
Thanks for the feedback.
I'm OK to not merge right away, i will find time to create relier module in