Open cdsmith opened 6 years ago
rcook
commented
6 years ago @cdsmith: I'm very close to having my local auth system ready to submit for another code review. Things have been hectic of late! I certainly haven't given up on this feature.
I took a look at clever.com and they offer OAuth2 so integrating it shouldn't be too tricky, though it's somewhat orthogonal to my local auth feature. However, it's in the same code path so I'll take a look at it and get back to you soon.
rcook
commented
6 years ago @cdsmith : I'm investigating how we might integrate with Clever.com. I have set up a developer account and sandbox school district with them and hope to have a plan soon. I am considering moving over to https://github.com/MrSwitch/hello.js to perform OAuth2 authentication (instead of using the Google API client library) since it supports multiple OAuth2 providers and it should be straightforward to write a Clever.com plugin for it. I have a couple of tech support tickets open with Clever.com support to figure out the best way to integrate with their service.
cdsmith
commented
6 years ago @rcook Thanks for your effort here. Please let me know if there's anything I can do to help out with this.
rcook
commented
6 years ago @cdsmith: My pleasure. I think I'll have a design soon. Clever.com requires an OAuth proxy (since it requires a client secret to be provided). I'm confident that codeworld-server can be modified without too much difficulty to provide an appropriate endpoint.
There are some higher-level considerations around account handling in general we will need to address: I think we should support both Google and Clever access in parallel. Therefore, we'll need to start scoping user data by the authentication provider. Thus, user X authenticated by Clever would be treated as entirely distinct from user X" authenticated by Google. This may require that we rearrange the existing user data on the live CodeWorld instance. It shouldn't be too tricky: it should, in fact, just be a matter of renaming some directories on disc.
cdsmith
commented
6 years ago I spoke with someone from Clever today. They offer a lot of different services, but seemed to think that it wouldn't be a problem to integrate with their oauth service using the account I created. It would mean wrapping the Google authentication API, as @rcook suggested, and adding a UI to choose a login provider.
rcook
commented
6 years ago Sorry I haven't had a chance to work on this more.
cdsmith
commented
6 years ago That's fine. I'm not in a big hurry yet. So far, everywhere I've taught has had Google accounts.
cdsmith
commented
5 years ago Repurposing this bug for Clever, which was the original request, since https://github.com/google/codeworld/pull/656 already implemented local auth.
At least one Louisiana middle school has asked for an alternative to Google for login, based on the fact that they can't get admin to sign up or Apps for Edu accounts. They suggested using clever.com. They said that clever.com accounts act a lot like Google accounts, and they are able to use Google Docs with them. That's surprising, but I don't know anything about it. In any case, I should look into what it would take to add support for clever.com. This might also relate to work that @rcook was doing.