[Social] OAuth integration

Peter Saint-Andre stpeter at stpeter.im
Tue Mar 25 14:25:37 CDT 2008 

Let's brainstorm OAuth integration.

The main use case I've heard is using OAuth tokens to do things like
subscribe to pubsub nodes. So I could authorize Dopplr (say) to
subscribe to my location node at FireEagle or whatever.

One possible approach would be to use XEP-0235 (it needs to be updated
so it's clear that the token generation method could be OAuth):

http://www.xmpp.org/extensions/xep-0235.html

Then Dopplr would provide that token when subscribing to the pubsub
node. But that part is not yet defined. Any thoughts about how to do
that? I foresee something like this....

1. Entity subscribes to a node

<iq type='set'
    from='dopplr.com'
    to='fireeagle.yahoo.net'
    id='sub1'>
  <pubsub xmlns='http://jabber.org/protocol/pubsub'>
    <subscribe node='stpeter_location'/>
  </pubsub>
</iq>

2. Service returns not-authorized error with indication that
authorization token is required (not sure about the x:data usage, and
the urn:xmpp:authtokens namespace is mythical, but probably it would be
something close to XEP-0235, which I plan to update soon)

<iq type='error'
    from='fireeagle.yahoo.net'
    to='dopplr.com'
    id='sub1'>
  <pubsub xmlns='http://jabber.org/protocol/pubsub'>
    <subscribe node='stpeter_location'/>
  </pubsub>
  <error type='auth'>
    <not-authorized xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
    <token-required xmlns='urn:xmpp:authtokens'>
      <x xmlns='jabber:x:data' type='form'>
        <field var='FORM_TYPE' type='hidden'>
          <value>urn:xmpp:authtokens</value>
        </field>
        <field var='token'
               type='text-single'
               label='Provide Your Authorization Token'/>
      </x>
    </token-required>
  </error>
</iq>

3. Entity provides authorization token with subscription request

<iq type='set'
    from='dopplr.com'
    to='fireeagle.yahoo.net'
    id='sub2'>
  <pubsub xmlns='http://jabber.org/protocol/pubsub'>
    <subscribe node='stpeter_location'>
      <x xmlns='jabber:x:data' type='submit'>
        <field var='FORM_TYPE' type='hidden'>
          <value>urn:xmpp:authtokens</value>
        </field>
        <field var='token'>
          <value>some-token-here</value>
        </field>
      </x>
    </subscribe>
  </pubsub>
</iq>

4. Service replies with success

<iq type='result'
    from='fireeagle.yahoo.net'
    to='dopplr.com'
    id='sub2'>
  <pubsub xmlns='http://jabber.org/protocol/pubsub'>
    <subscription
        node='stpeter_location'
        subid='ba49252aaa4f5d320c24d3766f0bdcade78c78d3'
        subscription='subscribed'/>
  </pubsub>
</iq>

We could do something similar for joining a chatroom or even creating an
XMPP account in the first place.

Thoughts?

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/social/attachments/20080325/e781daae/attachment-0001.bin

More information about the social mailing list