<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body>
<div class="moz-cite-prefix">As a learning exercise I just wrote a
MEAN application with both web and mobile (cordova) front-ends.
The Node.js backend is using passport.js to both authenticate
against Gooale's Oauth2 and to secure the REST API I implemented
with Express.<br>
<br>
I should be able to spare some cycles if you could use some extra
hands on this.<br>
<br>
Brian<br>
<br>
On 14-10-30 11:21 AM, Lucas Holmquist wrote:<br>
</div>
<blockquote
cite="mid:6FDF58BF-A883-46BE-AE35-3001230D2E9A@redhat.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<br class="">
<div>
<blockquote type="cite" class="">
<div class="">On Oct 30, 2014, at 2:20 PM, Matthias Wessendorf
<<a moz-do-not-send="true"
href="mailto:matzew@apache.org" class="">matzew@apache.org</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div dir="ltr" style="font-family: Helvetica; font-size:
12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent:
0px; text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">
<div class="gmail_extra"><br
class="Apple-interchange-newline">
<br class="">
<div class="gmail_quote">On Thu, Oct 30, 2014 at 7:13
PM, Lucas Holmquist<span class="Apple-converted-space"> </span><span
dir="ltr" class=""><<a moz-do-not-send="true"
href="mailto:lholmqui@redhat.com" target="_blank"
class="">lholmqui@redhat.com</a>></span><span
class="Apple-converted-space"> </span>wrote:<br
class="">
<blockquote class="gmail_quote" style="margin: 0px 0px
0px 0.8ex; border-left-width: 1px;
border-left-color: rgb(204, 204, 204);
border-left-style: solid; padding-left: 1ex;">
<div style="word-wrap: break-word;" class=""><br
class="">
<div class="">
<blockquote type="cite" class=""><span class="">
<div class="">On Oct 30, 2014, at 9:41 AM,
Matthias Wessendorf <<a
moz-do-not-send="true"
href="mailto:matzew@apache.org"
target="_blank" class="">matzew@apache.org</a>>
wrote:</div>
<br class="">
</span><span class="">Hello team!<br class="">
<br class="">
On Thu, Oct 9, 2014 at 4:49 AM, Bruno
Oliveira <span dir="ltr" class=""><<a
moz-do-not-send="true"
href="mailto:bruno@abstractj.org"
target="_blank" class="">bruno@abstractj.org</a>></span> wrote:<br
class="">
Note: Not only for Keycloak, but also
compatible with other technologies<br
class="">
like passport on Node.js.
<div class=""><br class="">
</div>
<div class="">Great point on being
compatible with passport.js! To ensure our
OAuth2 client SDKs do work against node.js
(w/ passport.js), how about we build a
Node.js based version of our
"Shoot-n-Share backend" ([1]), that is
protected by Passport.js?</div>
</span></blockquote>
<div class=""><br class="">
</div>
<div class="">So to clear up some confusion that
might be happening with what passport is, it
is not an OAuth2 server thing.</div>
<div class=""><br class="">
</div>
<div class="">it’s really just middleware(think
of it as a servlet filter for you java
weenies) for express.js, and by using
adapters(like a FB or google), it can secure
RESTful endpoints in that express.js app.</div>
<div class=""><br class="">
</div>
<div class="">I think the thing that we can do
here is make a keycloack adapter for passport,
using the OAuth2 protocol( similar to
passports FB and google adapters );</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</blockquote>
<blockquote type="cite" class="">
<div class="">
<div dir="ltr" style="font-family: Helvetica; font-size:
12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent:
0px; text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">
<div class="gmail_extra">
<div class="gmail_quote">
<div class=""><br class="">
</div>
<div class="">+1 would be nice to get this in<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="https://issues.jboss.org/browse/AGJS-252"
class="">https://issues.jboss.org/browse/AGJS-252</a><br
class="">
</div>
<div class=""><br class="">
</div>
<div class="">On short term, it would be possible to
use their existing adapters for FB/Google and
protect the node.js backend with these adapters,
right ?</div>
</div>
</div>
</div>
</div>
</blockquote>
<div><br class="">
</div>
<div>i think we can do that</div>
<br class="">
<blockquote type="cite" class="">
<div class="">
<div dir="ltr" style="font-family: Helvetica; font-size:
12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent:
0px; text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">
<div class="gmail_extra">
<div class="gmail_quote">
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">Sounds like the AGJS-252 is the ultimate
solution we want, but I think for a quick
test/verification (or even example) of our
Android/iOS OAuth2 clients, using the FB/Google
adapters from passprt.js would be a good first start
?</div>
<div class=""><br class="">
</div>
<div class="">-Matthias</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""> </div>
<blockquote class="gmail_quote" style="margin: 0px 0px
0px 0.8ex; border-left-width: 1px;
border-left-color: rgb(204, 204, 204);
border-left-style: solid; padding-left: 1ex;">
<div style="word-wrap: break-word;" class="">
<div class="">
<div class="">
<div class="h5">
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<br class="">
<blockquote type="cite" class="">
<div class="">
<div dir="ltr" class="">
<div class="gmail_extra">
<div class="gmail_quote">
<div class=""><br class="">
</div>
<div class="">It could be a
(simple) a 'clone' of our java
version. I think for Luke, our
Node.js pro, it would be a
fairly simple task :)</div>
<div class=""><br class="">
</div>
<div class="">On the client side,
the Android/iOS versions of
Shoot-n-Share would simply offer
a new upload target for
Passport.js, instead of 'just'
FB, Google-Drive and Keycloak.</div>
<div class=""><br class="">
</div>
<div class="">That way we will
also learn how much Passport.js
is actually different, similar
to what we learned on how
Google/FB are different ;-)<br
class="">
</div>
<div class=""><br class="">
</div>
<div class="">Another interesting
aspect of this is that, once we
are ready to release our OAuth2
SDKs, it would be awesome to
actually ship a node.js based
demo as well, instead of just a
Java-based backend demo. That
would clearly show, our client
libs are working across
different backend technologies.</div>
<div class=""><br class="">
</div>
<div class="">Any thoughts?</div>
<div class=""><br class="">
</div>
<div class="">-Matthias</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">[1] <a
moz-do-not-send="true"
href="https://github.com/aerogear/aerogear-backend-cookbook/tree/master/Shoot"
target="_blank" class="">https://github.com/aerogear/aerogear-backend-cookbook/tree/master/Shoot</a></div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""> </div>
<blockquote class="gmail_quote"
style="margin: 0px 0px 0px
0.8ex; border-left-width: 1px;
border-left-color: rgb(204, 204,
204); border-left-style: solid;
padding-left: 1ex;">In the end,
OAuth2 is just a protocol and<br
class="">
should support other servers.<br
class="">
<br class="">
- Should we provide examples for
OpenID connect? Or abstractions?<br
class="">
<br class="">
To track this issue, we have the
following Jira[3] and another
for<br class="">
OpenID connect[4]. Fell free to
link to your respective project.<br
class="">
<br class="">
<br class="">
[1] -<br class="">
<a moz-do-not-send="true"
href="http://transcripts.jboss.org/meeting/irc.freenode.org/aerogear/2014/aerogear.2014-10-08-14.00.html"
target="_blank" class="">http://transcripts.jboss.org/meeting/irc.freenode.org/aerogear/2014/aerogear.2014-10-08-14.00.html</a><br
class="">
<br class="">
[2] -<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="https://gist.github.com/abstractj/04136c6df85cea5f35d1"
target="_blank" class="">https://gist.github.com/abstractj/04136c6df85cea5f35d1</a><br
class="">
<br class="">
[3] -<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="https://issues.jboss.org/browse/AGSEC-180"
target="_blank" class="">https://issues.jboss.org/browse/AGSEC-180</a><br
class="">
<br class="">
[4] -<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="https://issues.jboss.org/browse/AGSEC-190"
target="_blank" class="">https://issues.jboss.org/browse/AGSEC-190</a><br
class="">
--<br class="">
<br class="">
abstractj<br class="">
PGP: 0x84DC9914<br class="">
_______________________________________________<br class="">
aerogear-dev mailing list<br
class="">
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org"
target="_blank" class="">aerogear-dev@lists.jboss.org</a><br
class="">
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
target="_blank" class="">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br
class="">
</blockquote>
</div>
<br class="">
<br class="" clear="all">
<div class=""><br class="">
</div>
--<span
class="Apple-converted-space"> </span><br
class="">
<div class="">Matthias Wessendorf<span
class="Apple-converted-space"> </span><br
class="">
<br class="">
blog:<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="http://matthiaswessendorf.wordpress.com/"
target="_blank" class="">http://matthiaswessendorf.wordpress.com/</a><br
class="">
sessions:<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="http://www.slideshare.net/mwessendorf"
target="_blank" class="">http://www.slideshare.net/mwessendorf</a><br
class="">
twitter:<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="http://twitter.com/mwessendorf"
target="_blank" class="">http://twitter.com/mwessendorf</a></div>
</div>
</div>
_______________________________________________<br class="">
aerogear-dev mailing list<br class="">
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org"
target="_blank" class="">aerogear-dev@lists.jboss.org</a><br
class="">
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
target="_blank" class="">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></div>
</blockquote>
</div>
</div>
</div>
<br class="">
</div>
<br class="">
_______________________________________________<br
class="">
aerogear-dev mailing list<br class="">
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org"
class="">aerogear-dev@lists.jboss.org</a><br
class="">
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
target="_blank" class="">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br
class="">
</blockquote>
</div>
<br class="">
<br class="" clear="all">
<div class=""><br class="">
</div>
--<span class="Apple-converted-space"> </span><br
class="">
<div class="gmail_signature">Matthias Wessendorf<span
class="Apple-converted-space"> </span><br class="">
<br class="">
blog:<span class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="http://matthiaswessendorf.wordpress.com/"
target="_blank" class="">http://matthiaswessendorf.wordpress.com/</a><br
class="">
sessions:<span class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="http://www.slideshare.net/mwessendorf"
target="_blank" class="">http://www.slideshare.net/mwessendorf</a><br
class="">
twitter:<span class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="http://twitter.com/mwessendorf"
target="_blank" class="">http://twitter.com/mwessendorf</a></div>
</div>
</div>
<span style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; float:
none; display: inline !important;" class="">_______________________________________________</span><br
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">
<span style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; float:
none; display: inline !important;" class="">aerogear-dev
mailing list</span><br style="font-family: Helvetica;
font-size: 12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent:
0px; text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org"
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">aerogear-dev@lists.jboss.org</a><br
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;"
class="">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></div>
</blockquote>
</div>
<br class="">
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
aerogear-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/aerogear-dev">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
</blockquote>
<br>
</body>
</html>