Securing Access with Oauth2

1

Javier CerviñoÁlvaro Alonso

Identity Manager

2

Identity Manager

3

Account

FI-WARE Account (Identity Manager) Demo

4

OAuth 2.0

5

OAuth Message Flow

6

Web App Account

redirect

request access-token

access-token

access-code

OA

uth

Lib

rary

Request user info using access-token

OAuth Libraries

http://oauth.net/2/

• PHP, Cocoa, iOS, Java, Ruby, Javascript, Python.

Example using Node.js

• https://github.com/ging/oauth2-example-client

7

OAuth Demo

8

Web Applications and GEs

9

Generic Enabler

Account

Request

+acc

ess

-toke

n

redirect

access-code

request access-token

access-token

access-token + path

OK + user info

Web AppO

Auth

Lib

rary

Web Applications and GEs

GET https://GE_URL HTTP/1.1

Host: GE_hostname

X-Auth-Token: access_token

10

AA for free!

11

Back-end Apps

Account

Request

+acc

ess

-toke

n

Web App

Oauth

Lib

rary

Proxy

redirect

access-code

request access-token

access-token

access-token + path

OK + user info

Links

Slides:

• http://tinyurl.com/ws2-fiware

FI-LAB Account:

• Source Code: https://github.com/ging/fi-ware-idm

• Documentation: https://github.com/ging/fi-ware-idm/wiki

FI-LAB OAuth Demo:

• https://github.com/ging/oauth2-example-client

FI-LAB Proxy:

• https://github.com/ging/fi-ware-pep-proxy

12

http://fi-ppp.eu

http://fi-ware.eu

Follow @Fiware on Twitter !

Thanks !

13