by Afforess » Wed Mar 20, 2013 6:17 am
by Vladisvok Destino » Wed Mar 20, 2013 6:34 am
by Afforess » Wed Mar 20, 2013 7:55 am
by SalusaSecondus » Wed Mar 20, 2013 8:52 am
by Afforess » Wed Mar 20, 2013 4:09 pm
SalusaSecondus wrote:While we do not (currently) support OAuth, we do support OpenID which may do what you want. Take a look at the bottom of your nation's settings page.
by SalusaSecondus » Wed Mar 20, 2013 5:51 pm
Afforess wrote:SalusaSecondus wrote:While we do not (currently) support OAuth, we do support OpenID which may do what you want. Take a look at the bottom of your nation's settings page.
Hm, just OpenID delegation it seems, and it requires effort on the part of the user (bad!). Am I wrong in this assessment?
by Laevendell » Thu Mar 21, 2013 5:26 pm
by SalusaSecondus » Thu Mar 21, 2013 9:46 pm
Laevendell wrote:I'm new to OpenID, but if a user enters their server and delegate information in the settings page, does that mean they'd then be able to log in to another website using the OpenID "www.nationstates.net/nation=Laevendell" (in my case) or would the OpenID be something else (or have I quite misunderstood how the delegation works)?
If my assumptions are correct, does that mean that page (http://www.nationstates.net/nation=Laevendell) adds OpenID-"<link>"-tags in the header to enable this?
by [violet] » Fri Mar 22, 2013 4:33 pm
SalusaSecondus wrote:While we do not (currently) support OAuth, we do support OpenID which may do what you want. Take a look at the bottom of your nation's settings page.
by SalusaSecondus » Fri Mar 22, 2013 4:59 pm
[violet] wrote:SalusaSecondus wrote:While we do not (currently) support OAuth, we do support OpenID which may do what you want. Take a look at the bottom of your nation's settings page.
Can OpenID be used to do some of the things tool authors are clamoring for? I don't know much about it.
There seem to be two usage cases:So #1 is about whether the 3rd party site can trust the user, and #2 is about whether the user can trust the 3rd party site.
- A third-party site wants to be able to tell whether a user really is "<nation>" or not. E.g. an offsite forum that only lets people sign up under the name of a nation they own.
- A third-party site/tool wants to be able to access private information or execute actions on behalf of a nation. E.g. a management tool that will log in and answer issues for your puppets, but shouldn't be allowed to change your password.
OpenID would work for #1 but not #2, is that right?
by Afforess » Fri Mar 22, 2013 11:00 pm
[violet] wrote:SalusaSecondus wrote:While we do not (currently) support OAuth, we do support OpenID which may do what you want. Take a look at the bottom of your nation's settings page.
Can OpenID be used to do some of the things tool authors are clamoring for? I don't know much about it.
There seem to be two usage cases:So #1 is about whether the 3rd party site can trust the user, and #2 is about whether the user can trust the 3rd party site.
- A third-party site wants to be able to tell whether a user really is "<nation>" or not. E.g. an offsite forum that only lets people sign up under the name of a nation they own.
- A third-party site/tool wants to be able to access private information or execute actions on behalf of a nation. E.g. a management tool that will log in and answer issues for your puppets, but shouldn't be allowed to change your password.
OpenID would work for #1 but not #2, is that right?
OpenID is a way to specify one identity for multiple sites so you don't need to register over and over again.
OAuth is a way to allow one application access to one account without giving said application your account login information. You can use them in conjunction.
by SalusaSecondus » Sat Mar 23, 2013 11:38 pm
by Afforess » Sun Mar 24, 2013 12:26 am
SalusaSecondus wrote:I am aware of the differences. However, if you want to let people log into your forums with their NS account, OpenId is a better fit that OAuth (which is a way for them to grant access to their account to the forum). Also, setting up the OpenId delegate is actually much easier than you make it out to be. That said, it's been so long since I've looked at the spec, I can't remember how.
I could see making us an OpenId provider. I consider it currently unlikely that we'll implement OAuth.
by Glen-Rhodes » Sun Mar 24, 2013 10:32 am
SalusaSecondus wrote:I could see making us an OpenId provider. I consider it currently unlikely that we'll implement OAuth.
by Afforess » Wed Apr 03, 2013 8:42 am
Advertisement
Users browsing this forum: Almost Ireland, Courelli, Doughworld, East Chimore, East Oceania, Keres, Lustria-Vauhgray, Nordic Islandia Isles, Pentremeurig, Quincy, Schardonia, The Ambis, The Terren Dominion, Verderiesdre, Western Sur Texas Democratic Republic
Advertisement