Vladislav , oauth2 is not meant for authentication, is meant for authorization, if you use oauth2 for authentication, then you are introducing some security issues on your app http://www.thread-safe.com/2012/01/problem-with-oauth-for-authentication.html
if you want to authenticate your users in a safe way, you should use openid endpoint first, then the oauth2 proctected api to get additional user info, that is not provided by openid netiher its extensions (SREG/AX) by default regards 2015-04-16 9:57 GMT-03:00 Vladislav Kuzmin <vkuz...@mirantis.com>: > Sebastian, I've used only OAuth2.0 (not OpenID) for obtain an access_token > and I've used this documentation > http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/oauth2.html > . When I got the access_token, I called "OAuth 2.0 Rest API" for get info > about the user > http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/restapi/v1.html > . But "OAuth 2.0 Rest API" don't provide unique identifier for user. > My main goal is to get a unique ID for a user that I can use in my > application. > How I can get ID for user with OAuth2.0? > > On Thu, Apr 16, 2015 at 1:13 PM, Sebastian Marcet <smar...@gmail.com> > wrote: > >> Vladislav in order to user oauth 2.0, i am assuming that you are doing >> first an openid request, on the openid response ( possitive assertion >> http://openid.net/specs/openid-authentication-2_0.html#positive_assertions >> ) >> you will get param "openid.claimed_id", that one contains the openid url >> that after this patch is unique per user >> >> regards >> >> 2015-04-16 4:44 GMT-03:00 Vladislav Kuzmin <vkuz...@mirantis.com>: >> >> In this ticket https://storyboard.openstack.org/#!/story/2000239 is >>> mentioned only about OpenID. If I will be use OAuth2.0, how I can >>> distinguish between users? >>> I guess that User API >>> http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/restapi/v1.html#user-api >>> should provide an ID for each user. >>> >>> On Wed, Apr 15, 2015 at 9:17 PM, Sebastian Marcet <smar...@gmail.com> >>> wrote: >>> >>>> Hello! >>>> >>>> here is the ticket that we opened >>>> https://storyboard.openstack.org/#!/story/2000239 >>>> >>>> regards >>>> >>>> 2015-04-15 12:54 GMT-03:00 Jeremy Stanley <fu...@yuggoth.org>: >>>> >>>> On 2015-04-15 10:08:08 -0500 (-0500), Jimmy McArthur wrote: >>>>> > Hello! We are trying to open a ticket for this, but it looks like >>>>> > Launchpad for OpenStackID isn't configured yet. Can you let us >>>>> > know what we need to do to set that up? >>>>> [...] >>>>> >>>>> Task tracking for all "openstack-infra" repos moved from Launchpad >>>>> to Storyboard late last year once its development grew closer to >>>>> general usability. Log in at https://storyboard.openstack.org/ and >>>>> then add a story at https://storyboard.openstack.org/#!/project/728 >>>>> for the openstack-infra/openstackid repo (looks like there are none >>>>> active for that Git repo currently). >>>>> -- >>>>> Jeremy Stanley >>>>> >>>> >>>> >>>> >>>> -- >>>> Ing. Sebastian Marcet >>>> >>>> SKYPE: sebastian.marcet >>>> >>> >>> >> >> >> -- >> Ing. Sebastian Marcet >> >> SKYPE: sebastian.marcet >> > > -- Ing. Sebastian Marcet SKYPE: sebastian.marcet
_______________________________________________ OpenStack-Infra mailing list OpenStack-Infra@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
