sounds good to me, if you wanna help ;)<span></span><br><br>On Thursday, October 30, 2014, Brian Leathem <<a href="mailto:bleathem@gmail.com">bleathem@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div>As a learning exercise I just wrote a
MEAN application with both web and mobile (cordova) front-ends.
The Node.js backend is using passport.js to both authenticate
against Gooale's Oauth2 and to secure the REST API I implemented
with Express.<br>
<br>
I should be able to spare some cycles if you could use some extra
hands on this.<br>
<br>
Brian<br>
<br>
On 14-10-30 11:21 AM, Lucas Holmquist wrote:<br>
</div>
<blockquote type="cite">
<br>
<div>
<blockquote type="cite">
<div>On Oct 30, 2014, at 2:20 PM, Matthias Wessendorf
<<a href="javascript:_e(%7B%7D,'cvml','matzew@apache.org');" target="_blank">matzew@apache.org</a>>
wrote:</div>
<br>
<div>
<div dir="ltr" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Thu, Oct 30, 2014 at 7:13
PM, Lucas Holmquist<span> </span><span dir="ltr"><<a href="javascript:_e(%7B%7D,'cvml','lholmqui@redhat.com');" target="_blank">lholmqui@redhat.com</a>></span><span> </span>wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><br>
<div>
<blockquote type="cite"><span>
<div>On Oct 30, 2014, at 9:41 AM,
Matthias Wessendorf <<a href="javascript:_e(%7B%7D,'cvml','matzew@apache.org');" target="_blank">matzew@apache.org</a>>
wrote:</div>
<br>
</span><span>Hello team!<br>
<br>
On Thu, Oct 9, 2014 at 4:49 AM, Bruno
Oliveira <span dir="ltr"><<a href="javascript:_e(%7B%7D,'cvml','bruno@abstractj.org');" target="_blank">bruno@abstractj.org</a>></span> wrote:<br>
Note: Not only for Keycloak, but also
compatible with other technologies<br>
like passport on Node.js.
<div><br>
</div>
<div>Great point on being
compatible with passport.js! To ensure our
OAuth2 client SDKs do work against node.js
(w/ passport.js), how about we build a
Node.js based version of our
"Shoot-n-Share backend" ([1]), that is
protected by Passport.js?</div>
</span></blockquote>
<div><br>
</div>
<div>So to clear up some confusion that
might be happening with what passport is, it
is not an OAuth2 server thing.</div>
<div><br>
</div>
<div>it’s really just middleware(think
of it as a servlet filter for you java
weenies) for express.js, and by using
adapters(like a FB or google), it can secure
RESTful endpoints in that express.js app.</div>
<div><br>
</div>
<div>I think the thing that we can do
here is make a keycloack adapter for passport,
using the OAuth2 protocol( similar to
passports FB and google adapters );</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</blockquote>
<blockquote type="cite">
<div>
<div dir="ltr" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<div class="gmail_extra">
<div class="gmail_quote">
<div><br>
</div>
<div>+1 would be nice to get this in<span> </span><a href="https://issues.jboss.org/browse/AGJS-252" target="_blank">https://issues.jboss.org/browse/AGJS-252</a><br>
</div>
<div><br>
</div>
<div>On short term, it would be possible to
use their existing adapters for FB/Google and
protect the node.js backend with these adapters,
right ?</div>
</div>
</div>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>i think we can do that</div>
<br>
<blockquote type="cite">
<div>
<div dir="ltr" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<div class="gmail_extra">
<div class="gmail_quote">
<div><br>
</div>
<div><br>
</div>
<div>Sounds like the AGJS-252 is the ultimate
solution we want, but I think for a quick
test/verification (or even example) of our
Android/iOS OAuth2 clients, using the FB/Google
adapters from passprt.js would be a good first start
?</div>
<div><br>
</div>
<div>-Matthias</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word">
<div>
<div>
<div>
<div><br>
</div>
<div><br>
</div>
<br>
<blockquote type="cite">
<div>
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div><br>
</div>
<div>It could be a
(simple) a 'clone' of our java
version. I think for Luke, our
Node.js pro, it would be a
fairly simple task :)</div>
<div><br>
</div>
<div>On the client side,
the Android/iOS versions of
Shoot-n-Share would simply offer
a new upload target for
Passport.js, instead of 'just'
FB, Google-Drive and Keycloak.</div>
<div><br>
</div>
<div>That way we will
also learn how much Passport.js
is actually different, similar
to what we learned on how
Google/FB are different ;-)<br>
</div>
<div><br>
</div>
<div>Another interesting
aspect of this is that, once we
are ready to release our OAuth2
SDKs, it would be awesome to
actually ship a node.js based
demo as well, instead of just a
Java-based backend demo. That
would clearly show, our client
libs are working across
different backend technologies.</div>
<div><br>
</div>
<div>Any thoughts?</div>
<div><br>
</div>
<div>-Matthias</div>
<div><br>
</div>
<div><br>
</div>
<div>[1] <a href="https://github.com/aerogear/aerogear-backend-cookbook/tree/master/Shoot" target="_blank">https://github.com/aerogear/aerogear-backend-cookbook/tree/master/Shoot</a></div>
<div><br>
</div>
<div><br>
</div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">In the end,
OAuth2 is just a protocol and<br>
should support other servers.<br>
<br>
- Should we provide examples for
OpenID connect? Or abstractions?<br>
<br>
To track this issue, we have the
following Jira[3] and another
for<br>
OpenID connect[4]. Fell free to
link to your respective project.<br>
<br>
<br>
[1] -<br>
<a href="http://transcripts.jboss.org/meeting/irc.freenode.org/aerogear/2014/aerogear.2014-10-08-14.00.html" target="_blank">http://transcripts.jboss.org/meeting/irc.freenode.org/aerogear/2014/aerogear.2014-10-08-14.00.html</a><br>
<br>
[2] -<span> </span><a href="https://gist.github.com/abstractj/04136c6df85cea5f35d1" target="_blank">https://gist.github.com/abstractj/04136c6df85cea5f35d1</a><br>
<br>
[3] -<span> </span><a href="https://issues.jboss.org/browse/AGSEC-180" target="_blank">https://issues.jboss.org/browse/AGSEC-180</a><br>
<br>
[4] -<span> </span><a href="https://issues.jboss.org/browse/AGSEC-190" target="_blank">https://issues.jboss.org/browse/AGSEC-190</a><br>
--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
--<span> </span><br>
<div>Matthias Wessendorf<span> </span><br>
<br>
blog:<span> </span><a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
sessions:<span> </span><a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter:<span> </span><a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a></div>
</div>
</div>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></div>
</blockquote>
</div>
</div>
</div>
<br>
</div>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
--<span> </span><br>
<div>Matthias Wessendorf<span> </span><br>
<br>
blog:<span> </span><a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
sessions:<span> </span><a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter:<span> </span><a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a></div>
</div>
</div>
<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">_______________________________________________</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">aerogear-dev
mailing list</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">aerogear-dev@lists.jboss.org</a><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></div>
</blockquote>
</div>
<br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
aerogear-dev mailing list
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
</blockquote>
<br>
</div>
</blockquote><br><br>-- <br>Sent from Gmail Mobile<br>