changtimwu / changtimwu.github.com

Tim's testing/practice notes
7 stars 2 forks source link

social identity integration #35

Open changtimwu opened 9 years ago

changtimwu commented 9 years ago

auth0.com

changtimwu commented 9 years ago

整合基本觀念

主要步驟

changtimwu commented 8 years ago

cognito identity APIs https://github.com/aws/amazon-cognito-js

angular & cognito https://github.com/jrummler/angular-aws-cognito-starter

changtimwu commented 8 years ago

https://github.com/olegabu/cognito-helper/ https://github.com/sahat/satellizer

changtimwu commented 8 years ago

good jwt presentation http://www.slideshare.net/liuggio/json-web-token-api-authorization

changtimwu commented 8 years ago

satellizer 主要 API

notes

client pre-login

server

client after login

$http.get('/api/me');
changtimwu commented 8 years ago

user 在尚未有 JWT 的情況做 /auth/facebook

user 在已經有 JWT 的情況做 /auth/facebook

changtimwu commented 8 years ago

一定要在 server call social provider嗎? Q: 純 client side 在沒有 facebook app secret key 的是可以直接拿到 user 自己的 profile ? A: Yes, 只要有 access token 就可以 browser side:

$.getJSON("https://graph.facebook.com/me?fields=email&access_token=<access_token>").then(function(ret){console.log("ret=",ret)});

server side:

curl "https://graph.facebook.com/me?fields=email&access_token=<access token>"

FB access token 有兩種

satellite 流程