I plan on hijacking it via the manifest redirect option anyways, so the URL given will be fine.
----- Original Message ----- > From: "Sean McArthur" <[email protected]> > To: "Michael Cooper" <[email protected]> > Cc: "Sean McArthur" <[email protected]>, "Chris Karlof" > <[email protected]>, "Francisco Jordano" <[email protected]>, > [email protected], [email protected], "Support Engineering" > <[email protected]> > Sent: Thursday, November 20, 2014 4:17:44 PM > Subject: Re: Firefox Accounts, SUMO, and BuddyUp > Oh ok. I'll put together a client in our dev server for now. When you guys > are ready to move to stage/prod, we can have ops take care of those secrets. > Seeing as it's dev, do you want a different redirect URL? > On Thu, Nov 20, 2014 at 3:01 PM, Michael Cooper < [email protected] > > wrote: > > Yes, I plan on moving forward with it. As I understand it, I am required to > > get a client key and secret from you before I can do anything. I don't have > > that information yet. > > > > From: "Sean McArthur" < [email protected] > > > > > > > To: "Michael Cooper" < [email protected] > > > > > > > Cc: "Chris Karlof" < [email protected] >, "Francisco Jordano" < > > > [email protected] >, [email protected] , [email protected] , > > > "Support Engineering" < [email protected] >, "Sean McArthur" < > > > [email protected] > > > > > > > Sent: Thursday, November 20, 2014 2:48:30 PM > > > > > > Subject: Re: Firefox Accounts, SUMO, and BuddyUp > > > > > > I'm sorry, what update were you hoping for? I misunderstood your last > > > message > > > as meaning you were going to move forward with it. > > > > > > On Thu, Nov 20, 2014 at 2:46 PM, Michael Cooper < [email protected] > > > > wrote: > > > > > > > Any update on this? I'd like to start working on this integration soon. > > > > > > > > > > ----- Original Message ----- > > > > > > > > > > > From: "Michael Cooper" < [email protected] > > > > > > > > > > > > To: "Chris Karlof" < [email protected] > > > > > > > > > > > > Cc: "Francisco Jordano" < [email protected] >, > > > > > [email protected] > > > > > , > > > > > [email protected] , "Support Engineering" > > > > > > > > > > > < [email protected] >, "Sean McArthur" < [email protected] > > > > > > > > > > > > Sent: Monday, November 10, 2014 9:32:56 AM > > > > > > > > > > > Subject: Re: Firefox Accounts, SUMO, and BuddyUp > > > > > > > > > > > > > > > > > > > > > > I think a decent choice would be to make the redirect URL > > > > > > > > > > > " https://support.mozilla.org/redirects/buddyup-fxa-oauth ". That > > > > > gives > > > > > SUMO > > > > > > > > > > > the ability to catch situations where the BuddyUp app doesn't work as > > > > > > > > > > > expected (and probably give an error message), and also give the > > > > > BuddyUp > > > > > app > > > > > > > > > > > a way to hijack those redirects to point to a local file, with the > > > > > > > > > > > "redirects" manifest key. > > > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > > > > > From: "Chris Karlof" < [email protected] > > > > > > > > > > > > > To: "Michael Cooper" < [email protected] > > > > > > > > > > > > > Cc: "Francisco Jordano" < [email protected] >, > > > > > > [email protected] > > > > > > , > > > > > > > > > > > > [email protected] , "Support Engineering" > > > > > > > > > > > > < [email protected] >, "Sean McArthur" < [email protected] > > > > > > > > > > > > > Sent: Friday, November 7, 2014 10:12:49 AM > > > > > > > > > > > > Subject: Re: Firefox Accounts, SUMO, and BuddyUp > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Nov 6, 2014, at 11:48 AM, Michael Cooper < [email protected] > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > > > > > Francisco, Sean > > > > > > > > > > > > > > > > > > > > > > > > > > Those are both really great to hear+. Especially the redirects > > > > > > > feature > > > > > > > > > > > > > of the manifest file is really useful. I have several flow > > > > > > > diagrams > > > > > > > in > > > > > > > a > > > > > > > > > > > > > notepad on my desk, all of them are scribbled out, and have big > > > > > > > question > > > > > > > > > > > > > marks between the app and the server after the redirect. This > > > > > > > simplifies > > > > > > > > > > > > > things a lot, thanks. > > > > > > > > > > > > > > > > > > > > > > > > > > I still need to figure out what the redirect url for BuddyUp will > > > > > > > be, > > > > > > > > > > > > > I'll let you know when I've figured that out, and then we can set > > > > > > > up > > > > > > > a > > > > > > > > > > > > > client_id, etc. Does that sound good? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We can certainly accommodate non-http redirect URLs. We already do > > > > > > with > > > > > > > > > > > > Loop, > > > > > > > > > > > > but I need to look into what Francisco references to make sure we > > > > > > can > > > > > > > > > > > > support your use case properly. Michael, what redirect URL would > > > > > > you > > > > > > like > > > > > > > > > > > > for the BuddyUP app? > > > > > > > > > > > > > > > > > > > > > > > > -chris > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -M > > > > > > > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > > > > > >> From: "Francisco Jordano" < [email protected] > > > > > > > > > > > > > >> To: "Sean McArthur" < [email protected] > > > > > > > > > > > > > >> Cc: "Michael Cooper" < [email protected] >, > > > > > > >> [email protected] > > > > > > >> , > > > > > > > > > > > > >> [email protected] , "Support Engineering" > > > > > > > > > > > > >> < [email protected] > > > > > > > > > > > > > >> Sent: Thursday, November 6, 2014 5:00:09 AM > > > > > > > > > > > > >> Subject: Re: Firefox Accounts, SUMO, and BuddyUp > > > > > > > > > > > > >> > > > > > > > > > > > > >> Hi all, > > > > > > > > > > > > >> > > > > > > > > > > > > >> unfortunately there is no much documentation how a package app > > > > > > >> works > > > > > > > > > > > > >> with > > > > > > > > > > > > >> OAuth, but it does :) > > > > > > > > > > > > >> > > > > > > > > > > > > >> The key is on the manifest, we have a special field call > > > > > > >> 'redirects', > > > > > > > > > > > > >> which > > > > > > > > > > > > >> will make gecko to redirect any url to a local file, an example > > > > > > >> of > > > > > > >> this: > > > > > > > > > > > > >> > > > > > > > > > > > > >> https://github.com/arcturus/firefoxos-contacts-importer/blob/master/importer/manifest.webapp#L24-L27 > > > > > > > > > > > > >> > > > > > > > > > > > > >> "redirects": [ > > > > > > > > > > > > >> {"from": " http://postmessageitor.eu01.aws.af.cm/ ", > > > > > > > > > > > > >> "to": "/redirect.html"} > > > > > > > > > > > > >> ] > > > > > > > > > > > > >> > > > > > > > > > > > > >> Basically the url register in the OAuth service for the callback > > > > > > >> action > > > > > > > > > > > > >> (redirect_uri) was ' http://postmessageitor.eu01.aws.af.cm/ ', > > > > > > >> gecko > > > > > > >> will > > > > > > > > > > > > >> redirect the request (with all headers, and parameters) to the > > > > > > >> local > > > > > > > > > > > > >> file > > > > > > > > > > > > >> '/redirect.html', and from them follow the process commented by > > > > > > >> Sean. > > > > > > > > > > > > >> > > > > > > > > > > > > >> Cheers, > > > > > > > > > > > > >> F. > > > > > > > > > > > > >> > > > > > > > > > > > > >> > > > > > > > > > > > > >> ----- Original Message ----- > > > > > > > > > > > > >> From: "Sean McArthur" < [email protected] > > > > > > > > > > > > > >> To: "Michael Cooper" < [email protected] > > > > > > > > > > > > > >> Cc: [email protected] , [email protected] , "Support > > > > > > >> Engineering" > > > > > > > > > > > > >> < [email protected] > > > > > > > > > > > > > >> Sent: Thursday, November 6, 2014 2:51:18 AM > > > > > > > > > > > > >> Subject: Re: Firefox Accounts, SUMO, and BuddyUp > > > > > > > > > > > > >> > > > > > > > > > > > > >> I don't have much understanding on how packaged apps and app > > > > > > >> URIs > > > > > > >> work, > > > > > > > > > > > > >> but I > > > > > > > > > > > > >> know the OAuth side :) > > > > > > > > > > > > >> > > > > > > > > > > > > >> You could try this: register a client for BuddyUp, with the > > > > > > >> redirect_uri > > > > > > > > > > > > >> pointing at (assuming Firefox OS supports this) > > > > > > > > > > > > >> `buddy-up://oauth/return`. > > > > > > > > > > > > >> You'll receive the query parameters `code` and `state`. You > > > > > > >> could > > > > > > >> then > > > > > > > > > > > > >> either, a) finish the dance by POSTing the code and > > > > > > >> client_secret > > > > > > > > > > > > >> straight > > > > > > > > > > > > >> to the OAuth server from the device, or b) POST the code to the > > > > > > >> sumo > > > > > > > > > > > > >> server, > > > > > > > > > > > > >> and allow it to fetch the token, store it in the db, and return > > > > > > >> it > > > > > > >> to > > > > > > > > > > > > >> the > > > > > > > > > > > > >> packaged app. > > > > > > > > > > > > >> > > > > > > > > > > > > >> a) has the downside of needing the secret to be packaged into > > > > > > >> the > > > > > > >> app, > > > > > > > > > > > > >> which > > > > > > > > > > > > >> is probably a no-go. > > > > > > > > > > > > >> > > > > > > > > > > > > >> On Wed, Nov 5, 2014 at 5:17 PM, Michael Cooper < > > > > > > >> [email protected] > > > > > > >> > > > > > > > > > > > > > >> wrote: > > > > > > > > > > > > >> > > > > > > > > > > > > >> > > > > > > > > > > > > >> I was reading the docs for Firefox Accounts [0]. They say that > > > > > > >> to > > > > > > >> become > > > > > > > > > > > > >> a > > > > > > > > > > > > >> relying service, we need to email to get a client ID and secret > > > > > > >> to > > > > > > >> use > > > > > > > > > > > > >> Firefox > > > > > > > > > > > > >> Account's OAuth2 provider. > > > > > > > > > > > > >> > > > > > > > > > > > > >> BuddyUp is an app that consumes SUMO APIs to provide a platform > > > > > > >> for > > > > > > > > > > > > >> users > > > > > > > > > > > > >> to > > > > > > > > > > > > >> ask and answer questions. Simply put, it's a Q/A app. We hope to > > > > > > >> have > > > > > > >> it > > > > > > > > > > > > >> installed by default in the future, and it will be a packaged > > > > > > >> app. > > > > > > > > > > > > >> > > > > > > > > > > > > >> I have a few questions about the OAuth process. Would it be > > > > > > >> possible > > > > > > >> to > > > > > > > > > > > > >> make > > > > > > > > > > > > >> the redirect URI a link into an app? It would be preferable if > > > > > > >> the > > > > > > >> app > > > > > > > > > > > > >> could > > > > > > > > > > > > >> get the OAuth callback directly, instead of SUMO having to some > > > > > > >> how > > > > > > > > > > > > >> relaunch > > > > > > > > > > > > >> the app. > > > > > > > > > > > > >> > > > > > > > > > > > > >> If that isn't possible, do you have any advice for using the > > > > > > >> OAuth > > > > > > >> flow > > > > > > > > > > > > >> from > > > > > > > > > > > > >> inside an app? I suppose it would also be possible to use the > > > > > > >> native > > > > > > > > > > > > >> BrowserID > > > > > > > > > > > > >> inspired APIs, but I understand that the OAuth2 flow is the > > > > > > >> preferred > > > > > > > > > > > > >> way > > > > > > > > > > > > >> going > > > > > > > > > > > > >> forward. > > > > > > > > > > > > >> > > > > > > > > > > > > >> Thanks, > > > > > > > > > > > > >> --Mike Cooper > > > > > > > > > > > > >> > > > > > > > > > > > > >> [0]: > > > > > > >> https://developer.mozilla.org/en-US/Firefox_Accounts#Firefox_OS > > > > > > > > > > > > >> _______________________________________________ > > > > > > > > > > > > >> Dev-fxacct mailing list > > > > > > > > > > > > >> [email protected] > > > > > > > > > > > > >> https://mail.mozilla.org/listinfo/dev-fxacct > > > > > > > > > > > > >> > > > > > > > > > > > > >> > > > > > > > > > > > > >> _______________________________________________ > > > > > > > > > > > > >> Buddyup mailing list > > > > > > > > > > > > >> [email protected] > > > > > > > > > > > > >> https://mail.mozilla.org/listinfo/buddyup > > > > > > > > > > > > >> > > > > > > > > > > > > > _______________________________________________ > > > > > > > > > > > > > Dev-fxacct mailing list > > > > > > > > > > > > > [email protected] > > > > > > > > > > > > > https://mail.mozilla.org/listinfo/dev-fxacct > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
_______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
