Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integrate OAuth2 Support #4

Open
alyx opened this issue Nov 8, 2020 · 1 comment
Open

Integrate OAuth2 Support #4

alyx opened this issue Nov 8, 2020 · 1 comment

Comments

@alyx
Copy link
Owner

alyx commented Nov 8, 2020

As a non-Mozilla/Firefox-centric user, I would like to be able to use my own choice of account platform in order to authenticate users against my own user database.

OAuth2 seems like the most reasonable choice for this. It is essentially the defacto web standard for cross-site authentication and Firefox Accounts (FXA) seem to be essentially a mutated OAuth2 system.

My hope is that some of the existing account connection plumbing can be reused, but this is pending more experimentation with "standard" / 3rd party OAuth providers. -- Per a discussion on IRC, it seems unlikely that the entirety can be used, but my thoughts are that we can at least modify the existing FXA checks throughout the application and only renovate the existing login flow.
@swantzter
Copy link

Hmm this might be trickier than initial research made it look like... Apparently fxa does some keypair generation shenanigans as mentioned in mozilla/send#1381

But perhaps its possible move that logic into send, or even simplify away the need for it somehow

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alyx @swantzter