Single Signon with silverstripe.org

[chillu]

Ideally with ss.org as an OAuth server, but that might be too many dependencies for now. We should get it right the first time though, don't want to get into migrating partial user accounts for hundreds of users

[camfindlay]

Any way to use github as a single signon for the whole .org ecosystem of sites? encouraging use of github and something to auth against not specifically tied to ss.org. Just an idea, not even sure it is possible.

[chillu]

With ss.org as an OAuth server, we can integrate many websites using the same protocol

[wilr]

Module for ouath server (simon was working on it last hackfest if I remember https://svn.pocketrent.com/public/oauth/trunk/). Using github SSO would be something to think about IMHO. Few sites going down the 'give people options' path (e.g https://app.raygun.io/signin)

[simonwelsh]

What'd be the point of having logins on addons?

[chillu]

Logins would allow for favourite addons. See http://knpbundles.com/KnpLabs/KnpSnappyBundle for a good implementation of that.

Github auth doesn’t allow you to share info between sites, right? For example, if a member profile on ss.org should show which modules they favourited on addons.ss.org. I guess that info could be available through a public API as well though.

But even correlating users between systems will be hard. Email is not a unique criteria, some people use specific email addresses for each service (ingo+ssorg@silverstripe.com vs ingo+github@silverstripe.com).

So needs more thought about the use cases we want to achieve before we go down either road.

[camfindlay]

raises the issue of, do we (or even can we technically assuming we migrated ss.org to 3.1 codebase) migrate the addons code into ss.org, replacing the old modules code?

[ss23]

I'm with @simonwelsh -- I don't understand the point of having a login for addons.

Seeing "favorite" modules etc is already handled by Github. I don't see us building anything better, and more importantly, I don't think any users would want it, beyond a gimmicky "Oh look I have a number to look at here and Github!".

Seems like a lot of work for replicating things that Github already does.

[camfindlay]

Just to raise the point again about why we need authentication (logins) on addons.ss.org, the community feedback project I have been working on at https://groups.google.com/forum/?fromgroups#!topic/silverstripe-dev/wZM23FbOb2w has highlighted that a system of reviews and ratings for modules has been the core request from the community. Each review/rating should come from someone who actually has a SilverStripe account on the main ss.org site. Any ideas how we might use something like OAuth to achieve this? End goal being I can login at addons with my ss.org account and review/rate a module.