I have created a new branch which contains an example using the navigator.id watch-request methods instead of the get method which is used in the master branch and added session support to the server [1].
The AeroGear persona adapter API still needs many improvements and redesign :)

What worries me about Mozilla's Persona sign-in system is that even if you sign out with Persona, you should remember to explicitly sign out of your personal email account as well.
Otherwise the next person who sits at a shared computer will be able to sign in to the Persona service without entering a password [2]. I don't know if the lesson is to never share your computer :)

[1]: https://github.com/tolis-e/aerogear-js-persona-authentication-poc/tree/persona_watch-request
[2]: https://support.mozilla.org/el/kb/signing-out-using-persona

On Wed, 2014-01-22 at 08:32 -0500, Lucas Holmquist wrote:
sounds cool,  i'll take a look
On Jan 22, 2014, at 4:41 AM, Apostolos Emmanouilidis <aemmanou@redhat.com> wrote:

> hello,
> 
> while looking at AGJS-122 and the possibility to add an authentication adapter which is based on Mozilla's Persona sign-in system, I was thinking of the following API:
> 
> // Construct an AeroGear.Authentication.adapters.Persona 
> var persona = AeroGear.Auth({                         
>        name: 'persona',
>        type: 'Persona',
>        settings: {                             
>            verificationEndpoint: "http://127.0.0.1:3000/verify"
>        }                     
> }).modules.persona;
> 
> // use login to initiate the Mozilla's Persona authentication procedure. login enables the BrowserID and generates a signed assertion which contains the user's email address
> // on assertion generation call the verification service
> persona.login({
>    onAssertion: function ( assertion ) {
for consistency, i would probably call this callback 'success'
>        // the verification API receives the assertion and the audience (our website URL) as parameters
>        // for security reasons there must be an intermediate service between the client and the verification API. the reason for which we want the intermediate service
>        // is that we want to ensure that the audience parameter is not hacked. I was thinking that it is better to avoid adding the persona.verify call inside our adapter
>        // since this way we would force the user to create the intermediate service according to our implementation. That's why the following line exists:
>        persona.verify( { assertion: assertion }, { success: onSuccessVerification, error: onFailedVerification } );                             
>    },                             
>    error: onLoginError                         
> });
> 
> // logout
> persona.logout( onLogout );

i know for the REST adapter we also have an "enroll" method, not sure if that makes sense for this one. I haven't really looked at the Persona thing too much, just a shiny object that i saw and created a JIRA

> 
> I have added a working example in: https://github.com/tolis-e/aerogear-js-persona-authentication-poc
> and a first implementation sample: https://github.com/aerogear/aerogear-js/pull/100
> 
> If you'd like to try the working example on the Android emulator, change lines:
> https://github.com/tolis-e/aerogear-js-persona-authentication-poc/blob/master/static/persona-test.html#L16
> and
> https://github.com/tolis-e/aerogear-js-persona-authentication-poc/blob/master/server.js#L29
> to use host 10.0.2.2
> and open the http://10.0.2.2:3000/persona-test.html page on the Android browser
> 
> 
> any thoughts, suggestions? 
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
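
Added example (not part of the thread and not code from the PoC repository): a sketch of the intermediate verification service described in the quoted message, where the audience is pinned in server configuration and only the assertion is accepted from the client. The function names, the AUDIENCE constant and the sample values are assumptions constructed for illustration; the reply fields (status, email, audience, expires) follow Persona's remote verifier response.

```javascript
// Assumption: the site's own origin, set in server configuration.
// It is never read from the request body or the Host header.
const AUDIENCE = 'http://127.0.0.1:3000';

// Build the form body the intermediate service forwards to the verifier.
// Only the assertion comes from the client; a client-supplied audience
// is ignored, so the browser cannot choose which site the assertion
// is checked against.
function buildVerifierRequest(clientBody) {
  const assertion = clientBody && clientBody.assertion;
  if (typeof assertion !== 'string' || assertion.length === 0) {
    throw new Error('missing assertion');
  }
  return new URLSearchParams({ assertion, audience: AUDIENCE }).toString();
}

// Decide whether the verifier's JSON reply may start a session.
// Returns the verified email address, or null when the reply is rejected.
function acceptVerifierReply(reply, nowMs) {
  if (!reply || reply.status !== 'okay') return null;
  // An assertion issued for a different site must not log anyone in here.
  if (reply.audience !== AUDIENCE) return null;
  // expires is milliseconds since the epoch.
  if (typeof reply.expires !== 'number' || reply.expires <= nowMs) return null;
  if (typeof reply.email !== 'string' || !reply.email.includes('@')) return null;
  return reply.email;
}

// Constructed sample values, not captured traffic.
const SAMPLE_NOW = 1390400000000;
const SAMPLE_OK_REPLY = {
  status: 'okay',
  email: 'user@example.org',
  audience: AUDIENCE,
  expires: SAMPLE_NOW + 60000,
  issuer: 'login.persona.org'
};
```

A session should be created only from the email returned by acceptVerifierReply, never from an email or audience posted by the browser.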

