I'm no expert in the details of authentication in Loop, and I'm not sure
I fully understand the problem you're trying to solve here. But I'll
try to offer a few pointers, ask a few questions, and see what we can
figure out...
Adding Alexis and Remy who are much more familiar with the Loop server code.
On Mon, Feb 16, 2015 at 10:16 AM, Oleksandr Kyetov
<[email protected] <mailto:[email protected]>> wrote:
I am working on the project which involves synchronization between
Loop Server API and Firefox Account
What I have:
1. I have Firefox Account with valid credentials
2. I able to use Loop Server API
Here is drawing of what I need:
https://docs.google.com/drawings/d/1s6F0iKSWGLN8FTNsuMvB0ebNqbofIsGcuaLEi4BINCY/edit?usp=sharing
Here is what I need in words:
1. Log in to Firefox Account via Firefox
Do you want to login to the browser itself, or via some hosted web content?
You'll almost certainly want to talk to Firefox Accounts via our OAuth API:
https://developer.mozilla.org/en-US/Firefox_Accounts#Firefox_Accounts_OAuth_2.0_API
I see that the Loop server already has some endpoints for OAuth integration:
https://docs.services.mozilla.com/loop/apis.html#integration-with-firefox-accounts-using-oauth
But it looks like they're designed for access via the browser's builtin
FxA OAuth classes, rather than from web content.
2. Call POST /registration Loop Server endpoint using user from step
1 (<<< Here is the biggest problem. How to call /registration
endpoint using Firefox Account credentials?)
3. Call POST /call-url Loop Server endpoint with hawk-session-token
derived from response in 2 step
4. Give generated call URL to the client
5. Make sure Firefox Account user sees generated URL in the Firefox
(<<< another problem here. How to notify Firefox Account about call
URL generated)
So, it should look like:
1. Client click a button
2. Server generates a call URL on server side using support user
Firefox Account credentials
3. Server passes call URL back to client
4. Server notifies support user Firefox Account about client
generated call URL
Apologies, I don't think I have enough context on the product here to
understand the above flow.
In the diagram you linked, what is "Application" and where/how is it
running? Is it web content? Or something built into firefox?
I have read a load of documentation, including:
https://wiki.mozilla.org/Identity/Firefox_Accounts
https://docs.services.mozilla.com/loop/apis.html#post-call-url
https://github.com/mozilla-services/loop-server
and did not find solution for that :(
According to Loop Server API, it is possible to register with
Firefox Account. For that I need to have Firefox Account assertions,
but I can't get those either
This is something of a legacy setup, since we had to ship Loop before
the FxA OAuth infrastructure was ready. We are deliberately
discouraging the use of "assertions" for new products and encouraging
integration via the OAuth flow.
POST /registration
<https://docs.services.mozilla.com/loop/apis.html#id17><https://docs.services.mozilla.com/loop/apis.html#post-registration>
Associates a Simple Push Endpoint (URL) with a user. Always
return an hawk session token in the Hawk-Session-Token header.
Alexis or Remy, is there an equivalent endpoint that can be accessed
with an OAuth token rather than a raw FxA assertion?
Cheers,
Ryan
_______________________________________________
dev-media mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-media
