desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #119965
[Bug 1457298] Re: invalid auth for online-account
Hi! The signon-plugin-oauth only handles OAuth 1.0 and 2.0. Since yupoo
uses its own non-standard authentication, you cannot use the signon-
plugin-oauth with it.
You need to write a signon plugin specialized for yupoo. Unfortunately this is not well documented, but at least there are a few examples of signon plugins around.
The more complex is certainly signon-plugin-oauth, but here's a few simpler ones:
https://gitlab.com/accounts-sso/signon-plugin-digest
https://gitlab.com/accounts-sso/signon-plugin-sasl
(click on the "Files" tab on the left to see the project files)
I had a look at the yupoo documentation at
http://dev.yupoo.com/apidoc2/www/ but since it's in Chinese, I didn't
understand much about it. It appears that it all starts with this call
(please correct me if I'm wrong):
http://www.yupoo.com/services/auth/?api_key=[api_key]&perms=[perms]&api_sig=[api_sig]
The above link should be opened in a web view, where the user will be asked to authenticate and authorize the app, and then it will be redirected to the callback url, which will have the "frob" appended in a query item. Is my understanding correct?
And, what do you need in order to generate the "api_sig"?
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to signon-plugin-oauth2 in Ubuntu.
https://bugs.launchpad.net/bugs/1457298
Title:
invalid auth for online-account
Status in signon-plugin-oauth2 package in Ubuntu:
New
Bug description:
In order to launch authentication like most other accounts, yupoo need
to register a new .provider file to Online accounts.
But this XML-format file requires an standard-parameter request for
authenticating and accessing token, including client_id, token_path
and others, which doesn't match with the request format of yupoo.
Yupoo need to launch an auth with a link like
http://www.yupoo.com/services/auth/?api_key=[api_key]&frob=[frob]&perms=[perms]&api_sig=[api_sig].
It is an non standard-format request and need additional parameter
requests before accessing token. So we can hardly integrating the
entire auth of yupoo into Online-accounts.
Shall we provide an more agile policy for configure when creating the
.provide file?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/signon-plugin-oauth2/+bug/1457298/+subscriptions
Follow ups
References