OpenID / OAuth2 authentication solution for DFC (and maybe more)

The Data Food Consortium (DFC) API connection will require an authentication through OpenID protocol.
Actually, the DFC prototype will request the DFC API on OFN application, using an OpenID token generated from an external OpenID server (today lescommuns.org). We will then need to verify this token to authorize the request.
As OpenID is based on OAuth2, my idea was to use the omniauth-oauth2 gem (https://github.com/omniauth/omniauth-oauth2omni-auth) to proceed this external authentication. Does it sound good?

Also, this OAuth2 integration could help to use Facebook Connect or Google Connect for example, I don’t know if it is something we want but we could discuss it here too.

1 Like

Hi @paco great.
I think this should not be specific to DFC, we should implement this in a generic way that can be used in the OFN REST API as well. Actually, this could also be used in the app, “login with google” type of thing. We could do for example “login with solid” at some point.

Re the gem, have you looked at other gems? Would be good to see what are the alternatives before deciding.

thanks!

2 Likes