Saturday 23 June 2012

Oauth integration: First month report


Summer is on, so it's code time. Hooray!

Beginnings are always harder, but the first development month have passed (as my finals) and I would like to speak about what I've been doing so the Sakai community will be updated properly. First of all, I must thank my mentor, Carl Hall for his work.

Now, let's talk about the project. Let's begin with the basic, this is the Oauth definition that we could find in the Wikipedia:
OAuth is an open standard for authorization. It allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically supplying username and password tokens instead. Each token grants access to a specific site (e.g., a video editing site) for specific resources (e.g., just videos from a specific album) and for a defined duration (e.g., the next 2 hours). This allows a user to grant a third party site access to their information stored with another service provider, without sharing their access permissions or the full extent of their data.
We can easily realize how useful it is for Sakai Nakamura to have an Oauth provider. It will allow third part applications, as native mobile apps, access to private resources to the users, useful isn't? Moreover, the community has already identify this need here [0]

 This first month I've been working basically in setting up the development environment, and learning about Oauth protocol. I was planning to write a tutorial with my notes but this tutorial [1], it's really useful. Anyway, if the spanish-speaking community will find it useful a translation of it, leave a comment and I will write it happily. Also, I fork Nakamura repository and I began to write the skeleton of the Oauth Client and Oauth Server (right now it's just an hello world), you can follow the development here [2].

I hope you are interested about the project, I would like to hear some feedback. And if you have anything to ask or suggest me, please do not hesitate.

By the way, happy Turing's day :)

[ 0] https://confluence.sakaiproject.org/display/KERNDOC/KERN-807+Add+support+to+the+proxy+server+for+3th+party+OAuth+applications
 [1] https://confluence.sakaiproject.org/display/KERNDOC/Nakamura+Boot+Camp
 [2] https://github.com/mshopper/nakamura