Giter VIP home page Giter VIP logo

webconnect's Introduction

#Connect Addon Identity Module extension for Firefox.

The latest published version is available at: https://addons.mozilla.org/fr/firefox/addon/web-identity-management/ (v0.2.2 awaiting review by Mozilla, v0.1.2 is unstable)

Installation

npm install

Run

npm run start

Usage

Firstly it is necessary to register one or more identity card in the extension. This can be done on your Identity Provider profile's page. For instance, our demonstration IdP offer a register button:

https://energyq.idp.rethink.orange-labs.fr/

capture d ecran 2017-03-03 a 14 06 06

To verify that the identity card was added to the extension, click on the connect button extension in the browser task bar. This should open a pop-up displaying registered identities.

Login

Navigate to a (compatible) web site you want to login with, for instance:

https://acor-webrtc.rethink2.orange-labs.fr/

Following the login instructions, click on the connect button.

capture d ecran 2017-03-03 a 14 05 53

This will open a popup requesting to select an identity. Click on the identity of your choice. The extension will then instantiate an IdP-Proxy to communicate with your IdP. The process may redirect to a page requiring you to authenticate on your IdP.

capture d ecran 2017-03-03 a 14 06 47

Technically?

The extension is merely used to store pointer to registered IdP Proxy. IdP Proxy are specified by WebRTC to allow user-to-user authentication. Once the user select an identity (and thus an IdP Proxy), the extension passes the references to a RTCPeerConnection object (a new WebRTC connection) and call the getIdentityProvider function. Note that the WebRTC connection is not established, we juste reuse the sandboxing implementation.

Then the generated Identity Assertion is returned to the web page requesting authentication. It can then be sent to the server for validation. Our client server implementation uses a Passport Strategy for JWT verification to do that.

Links and examples

https://github.com/reTHINK-project/dev-IdPServer - Compatible Identity Provider

https://github.com/Sparika/ACOR_SDP/ - Compatible client web site requiring authentication

https://github.com/Sparika/passport-jwt - Modified JWT strategy, used by ACOR_SDP

https://www.w3.org/TR/webrtc/#sec.identity-proxy - WebRTC Identity specification

webconnect's People

Contributors

kcorre avatar

Stargazers

Ellie Schieder avatar Jorge Fernández avatar

Watchers

James Cloos avatar Kevin avatar

Forkers

sbecot

webconnect's Issues

WebRTC getIdentityAssertion blocked on background script

The call to getIdentityAssertion from RTCPeerConnection in the background script is blocked. It may be due to several cause:

  • CORS issue on moz-extension:// scheme
  • Unauthorized script-src (IdP domain) in script

Current solution is to instantiate the RTCPeerConnection in a iframe from a weborigin (https).

Required update is at least to serve the iframe from the web (gh-page ?), rather than from localhost.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.