Re: [aerogear-dev] Node.js / Passport.js thoughts (was: Re: OAuth2, OpenID connect and AeroGear)

On Oct 30, 2014, at 2:20 PM, Matthias Wessendorf <matzew(a)apache.org&gt; wrote: On Thu, Oct 30, 2014 at 7:13 PM, Lucas Holmquist <lholmqui(a)redhat.com <mailto:lholmqui@redhat.com>> wrote: > On Oct 30, 2014, at 9:41 AM, Matthias Wessendorf <matzew(a)apache.org <mailto:matzew@apache.org>> wrote: > > Hello team! > > On Thu, Oct 9, 2014 at 4:49 AM, Bruno Oliveira <bruno(a)abstractj.org <mailto:bruno@abstractj.org>> wrote: > Note: Not only for Keycloak, but also compatible with other technologies > like passport on Node.js. > > Great point on being compatible with passport.js! To ensure our OAuth2 client SDKs do work against node.js (w/ passport.js), how about we build a Node.js based version of our "Shoot-n-Share backend" ([1]), that is protected by Passport.js? So to clear up some confusion that might be happening with what passport is, it is not an OAuth2 server thing. it’s really just middleware(think of it as a servlet filter for you java weenies) for express.js, and by using adapters(like a FB or google), it can secure RESTful endpoints in that express.js app. I think the thing that we can do here is make a keycloack adapter for passport, using the OAuth2 protocol( similar to passports FB and google adapters ); +1 would be nice to get this in https://issues.jboss.org/browse/AGJS-252 <https://issues.jboss.org/browse/AGJS-252> On short term, it would be possible to use their existing adapters for FB/Google and protect the node.js backend with these adapters, right ?

Sounds like the AGJS-252 is the ultimate solution we want, but I think for a quick test/verification (or even example) of our Android/iOS OAuth2 clients, using the FB/Google adapters from passprt.js would be a good first start ? -Matthias > > It could be a (simple) a 'clone' of our java version. I think for Luke, our Node.js pro, it would be a fairly simple task :) > > On the client side, the Android/iOS versions of Shoot-n-Share would simply offer a new upload target for Passport.js, instead of 'just' FB, Google-Drive and Keycloak. > > That way we will also learn how much Passport.js is actually different, similar to what we learned on how Google/FB are different ;-) > > Another interesting aspect of this is that, once we are ready to release our OAuth2 SDKs, it would be awesome to actually ship a node.js based demo as well, instead of just a Java-based backend demo. That would clearly show, our client libs are working across different backend technologies. > > Any thoughts? > > -Matthias > > > [1] https://github.com/aerogear/aerogear-backend-cookbook/tree/master/Shoot <https://github.com/aerogear/aerogear-backend-cookbook/tree/master/Shoot> > > > > In the end, OAuth2 is just a protocol and > should support other servers. > > - Should we provide examples for OpenID connect? Or abstractions? > > To track this issue, we have the following Jira[3] and another for > OpenID connect[4]. Fell free to link to your respective project. > > > [1] - > http://transcripts.jboss.org/meeting/irc.freenode.org/aerogear/2014/aerog... <http://transcripts.jboss.org/meeting/irc.freenode.org/aerogear/2014/aerog... > > [2] - https://gist.github.com/abstractj/04136c6df85cea5f35d1 <https://gist.github.com/abstractj/04136c6df85cea5f35d1> > > [3] - https://issues.jboss.org/browse/AGSEC-180 <https://issues.jboss.org/browse/AGSEC-180> > > [4] - https://issues.jboss.org/browse/AGSEC-190 <https://issues.jboss.org/browse/AGSEC-190> > -- > > abstractj > PGP: 0x84DC9914 > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev <https://lists.jboss.org/mailman/listinfo/aerogear-dev> > > > > -- > Matthias Wessendorf > > blog: http://matthiaswessendorf.wordpress.com/ <http://matthiaswessendorf.wordpress.com/> > sessions: http://www.slideshare.net/mwessendorf <http://www.slideshare.net/mwessendorf> > twitter: http://twitter.com/mwessendorf <http://twitter.com/mwessendorf>_______________________________________... > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev <https://lists.jboss.org/mailman/listinfo/aerogear-dev> _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/aerogear-dev <https://lists.jboss.org/mailman/listinfo/aerogear-dev> -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ <http://matthiaswessendorf.wordpress.com/> sessions: http://www.slideshare.net/mwessendorf <http://www.slideshare.net/mwessendorf> twitter: http://twitter.com/mwessendorf <http://twitter.com/mwessendorf>_______________________________________... aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/aerogear-dev <https://lists.jboss.org/mailman/listinfo/aerogear-dev>