New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PeeringDB as an OAuth provider #131
Comments
At LONAP we spend quite a lot of time with user account problems e.g. 'ZYX has left the company, please delete their account' and so on. I think this work could save quite a lot of effort for multiple organisations. I think the work has three strands:
|
Have this working in development, based largely on OpenID Connect. Scopes currently are defined as profile, email (which adds Perms field is a bitmask for CRUD as the 4 LSBs. Example for my user: {
"family_name": "Griswold",
"email": "grizz@20c.com",
"name": "Matt Griswold",
"verified_user": true,
"verified_email": true,
"networks": [
{
"perms": 15,
"autnum": 63311,
"name": "20C",
"id": 20
},
{
"perms": 15,
"autnum": 33713,
"name": "United IX",
"id": 7889
}
],
"id": 3,
"given_name": "Matt"
} Does anyone have feedback on this? |
Question: Why pick only some fields for Plus ASN field should match name used elsewhere ( FYI: The API call for your network produces:
|
@mahtin Thanks for the feedback.
Started with just having
Agreed on |
You might want to hide email address and names behind a scope. That would be nice to auth against a service without actually sharing personal information. Github does this and you may auth against github and only get back the user id and the username (which is believe is a nice feature privacy-wise). The service may request the email address, but Github will warn about it. |
@baloo thanks, already done :)
|
Proposal
PeeringDB users are often connected to multiple internet exchanges and congregate at the same events, it would perhaps be in the interest of all stakeholders involved (both ISPs and IXPs) to let PeeringDB be an OAuth provider. This way people can use their PeeringDB account to login to various event- or IXP portals.
For technical guidance, we should end up implementing something similar to how tripit.com/jetitup.com interact with each other. See http://tripit.github.io/api/doc/v1/#authentication_section and scroll down to OAuth.
The text was updated successfully, but these errors were encountered: