Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
18
Merge Requests
18
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
slapos.core
Commits
15ff6551
Commit
15ff6551
authored
Jul 12, 2012
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Explain external authentication.
parent
fa329129
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
22 additions
and
9 deletions
+22
-9
documentation/source/rest.rst
documentation/source/rest.rst
+22
-9
No files found.
documentation/source/rest.rst
View file @
15ff6551
...
...
@@ -31,27 +31,40 @@ Example of using Bearer token::
Authorization: Bearer 7Fjfp0ZBr1KtDRbnfVdmIw
Facebook
authentication
External
authentication
+++++++++++++++++++++++
It is possible to use Facebook as Authorisation Server in Oauth 2.0
architecture. Client shall fetch `access_token` as described in
https://developers.facebook.com/docs/authentication/client-side/ and later use
it as in specially crafted `Authorization` header::
It is possible to use Facebook and Google as Authorization Server with Oauth 2.0
access tokens. Client shall fetch `access_token` as described in:
* https://developers.facebook.com/docs/authentication/client-side/ (Facebook)
* https://developers.google.com/accounts/docs/OAuth2Login (Google)
Such token shall be passed in `Authorization` header, in case of Facebook::
GET /api/v1/instance/{instance_id} HTTP/1.1
Host: example.com
Accept: application/json
Authorization: Facebook retrieved_access_token
and in case of Google::
GET /api/v1/instance/{instance_id} HTTP/1.1
Host: example.com
Accept: application/json
Authorization: Facebook access_token_from_facebook
Authorization: Google retrieved_access_token
The client is responsible for having its own
Facebook
application ID and
The client is responsible for having its own application ID and
configure it that user basic information and email will be available after
using `access_token`, for example by fetching token after query like::
https://www.facebook.com/dialog/oauth?client_id=FB_ID&response_type=token&redirect_uri=APP_URL&scope=email
Server will contact with Facebook and use the logged in user profile. Facebook
is trusted by server.
While passing access token Vifib.net server will contact proper Authorization
Server (Google or Facebook) and use proper user profile. In case of first time
usage of the service the user will be automatically created, so application
shall be prepared to support HTTP ``"202 Accepted"`` code, as described in `Response status code`_.
Exchange format
---------------
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment