All, Siva and I have been working on getting authentication working in the UCI Engine and the cli in particular. There are a few methods for authorizing an access token via oauth2 for an insecure client. Most notably browser based and password based[1]. I'm thinking that we don't want to mess with user passwords and would take that option off the table. This leads me to think we could add an access_token end-point on the ticket-system (accessible via the webui-apache proxy) that simply does the standard web server based authentication we're currently doing for the webui and prints out the access token for the user to store in their keyring. I'm not sure if/how we can automate this further. Does anyone have ideas, suggestions, complaints, or other comments?
Thanks, Joe [1] http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified#browser-based-apps -- Mailing list: https://launchpad.net/~canonical-ci-engineering Post to : [email protected] Unsubscribe : https://launchpad.net/~canonical-ci-engineering More help : https://help.launchpad.net/ListHelp
