Doh. I didn't notice the reply-to doesn't go to the mailing list.... ----
Thanks Remy! I've got a client that seems to login now. I get a code, I pass that into my EC2 box and in the end I end up getting a JSON blob with a bearer token. I'm doing something wrong when I try to fetch the user profile though. I'm doing something like this: curl -v \ -H "Authorization: Bearer c004f4d49008326dc873f0d19eef9ee371c788bea0b888fb7aafa422e1d72d30" \ "https://oauth-stable.dev.lcip.org/v1/profile"; Can I use that bearer token from both my phone *and* my EC2 box? How long can I expect the token to be valid for? vic On Wed, May 20, 2015 at 3:58 AM, Rémy Hubscher <[email protected]> wrote: > Hello Vic, > > So basically all you want to do is to get the user id after the login, is > that right? > > If I get it right, all you have to do is to register a client to Firefox > Account (you can do it yourself for development here: > https://oauth-stable.dev.lcip.org/console/clients (log with a @mozilla.com > email)) > > > All the steps are defined here: > https://developer.mozilla.org/en-US/docs/Mozilla/Tech/Firefox_Accounts/Introduction > > The login flow is the following: > > > 1. You open a browser view with the Firefox Account login page asking > for a list of scopes (in your case it might be *mozstumbler*) If you > need the email you may ask *profile:email* as well > 1. You give a *state*, the *scope*s and your *client_id* > 2. See > > https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md#get-v1authorization > 2. Then the user logs in and is redirected to your service with a *code* > and a *state* (a session that you gave him) > 3. Then you talk to the Firefox Account server to exchange this code > and state with a access token. > 1. See > > https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md#post-v1token > 4. This bearer token give you access to the FxA user id as well as > the email if you need it. > 1. > > https://github.com/mozilla/fxa-profile-server/blob/master/docs/API.md#get-v1email > 5. You must also validate that this Bearer token have got the > *mozstumbler* scope > > > Since you are in an Android app, you will need to setup a redirect url > that will be catched by your app after the login so that you get back the > code and state and can handle them. (See > http://stackoverflow.com/a/2958870/186202) > > Hope this helps you, > > Rémy > > > > Le 19/05/2015 22:16, Victor Ng a écrit : > > Hi! > > We'd like to look at getting FxA integration into the mozilla stumbler, > but I'm pretty confused as to what I actually need to do. > > The use case we have is that we are launching localized leaderboards. > Basically - geographically scoped score boards. > > The intent here is to login to the mobile application - not a particular > web service. > > The name of our app is "Mozilla Stumbler" > > We're running our dev leaderboard instance on : > ec2-52-1-93-147.compute-1.amazonaws.com , we can set the redirect_uri to > whatever makes sense or is defacto standard for FxA. > > > thanks! > vic > > > _______________________________________________ > Dev-fxacct mailing > [email protected]https://mail.mozilla.org/listinfo/dev-fxacct > > > > _______________________________________________ > Dev-fxacct mailing list > [email protected] > https://mail.mozilla.org/listinfo/dev-fxacct > >
_______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
