Easy Testing on Ruby OpenID Consumer Implementations
by Roman Gonzalez.
Tuesday 24 March 2009
Presentation Highlights
• What is OpenID?
• URL’s as our identity credentials
• OpenID Terminology
• The OpenID authentication process explained
• How to implement RP’s in Ruby
• Testing OpenID RP’s
• Demo (Rails, Merb)
• Q&A’s
What is OpenID?
• A protocol that promotes the use of a single digital identity (Single Sign On)
• Decentralized
• Simple and light-weight (no high security stuff)
• Built upon Web technologies (HTTP, DNS)
URL’s are our credentials
• Most people already have a URL to represent their identity (Facebook, Twitter)
• They are globally unique and ubiquitous
OpenID Terminology
• Actors
  • Identifier (URL of the user)
  • User-Agent (normally a Web Browser)
  • Relying Party (RP)
  • OpenID Provider (OP)
• Direct Messages
  • HTTP POST requests from RP’s to OP’s
  • Used for interchange of public keys
• Indirect Messages
  • HTTP Redirects from RP’s to OP’s and back
  • Used for the authentication process
OpenID Authentication: Step 1. Discovery
HTTP GET
OpenID Authentication: Step 2. Association
HTTP POST
Exchange of public keys
OpenID Authentication: Step 3. Give credentials to OP
OpenID Authentication: Step 4. Choose which info to give to the RP
OpenID Authentication: Step 5. You are _authenticated_
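
Step 2 leaves the RP and OP sharing a MAC key, and in step 5 the RP must check the signature on the assertion that comes back through the browser before treating the user as authenticated. The Ruby sketch below is an added example, not code from the slides, ROTS or ruby-openid; it follows the OpenID 2.0 signing rules (HMAC-SHA256 over the key-value form of the fields listed in openid.signed), and the URLs, handle, key and helper names are constructed for illustration.

```ruby
require "openssl"
require "base64"
require "set"

# OpenID 2.0 requires these in openid.signed (plus claimed_id/identity if present).
ALWAYS_SIGNED = %w[op_endpoint return_to response_nonce assoc_handle].freeze
# Constructed association, standing in for the result of step 2.
ASSOC = { handle: "test-handle-1", mac_key: "\x01".b * 32 }.freeze

# Key-Value Form: one "key:value\n" line per field, in openid.signed order.
def kv_form(msg, fields)
  fields.map { |f| "#{f}:#{msg.fetch("openid.#{f}")}\n" }.join
end

# OP side (a test OP does the same): HMAC the signed fields with the MAC key.
def sign_assertion(msg, mac_key)
  fields = msg.fetch("openid.signed").split(",")
  Base64.strict_encode64(OpenSSL::HMAC.digest("SHA256", mac_key, kv_form(msg, fields)))
end

def secure_eq?(a, b) # constant-time comparison for equal-length strings
  a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# RP side, step 5: accept only a correctly signed, complete, unreplayed id_res.
def valid_assertion?(msg, assoc, seen_nonces)
  return false unless msg["openid.mode"] == "id_res"
  return false unless msg["openid.assoc_handle"] == assoc[:handle]
  required = ALWAYS_SIGNED + %w[claimed_id identity].select { |f| msg.key?("openid.#{f}") }
  return false unless (required - msg["openid.signed"].to_s.split(",")).empty?
  return false unless secure_eq?(sign_assertion(msg, assoc[:mac_key]), msg["openid.sig"].to_s)
  !seen_nonces.add?(msg["openid.response_nonce"]).nil? # false on replay
rescue KeyError
  false # a field named in openid.signed is missing from the message
end

# Constructed positive assertion as the OP would send it back via the browser.
def sample_assertion(nonce = "2009-03-24T00:00:00Zabc123")
  msg = { "openid.mode" => "id_res", "openid.assoc_handle" => ASSOC[:handle],
          "openid.op_endpoint" => "http://op.example/server",
          "openid.claimed_id" => "http://user.example/",
          "openid.identity" => "http://user.example/",
          "openid.return_to" => "http://rp.example/complete",
          "openid.response_nonce" => nonce,
          "openid.signed" => "op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle" }
  msg.merge("openid.sig" => sign_assertion(msg, ASSOC[:mac_key]))
end
```

An RP test suite should cover the rejected cases as well as the happy path: a changed identity, a replayed nonce, and an identity field that is present but left out of openid.signed.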
Implementing OpenID RP’s in Ruby
• Ruby On Rails: open_id_authentication by rails at http://github.com
• Merb: hassox’s merb-auth gem, using the OpenID strategy
• Rack: Using the auth/openid Rack app included in the gem
Testing OpenID RP’s
• How do we test it?
  • First naive approach: mocking/stubbing the ruby-openid gem
• Why is it so hard to test?
  • Multiple types of communication between the RP and the OP
  • The existing OP’s need human interaction
Introducing ROTS (Ruby OpenID Test Server)
• It provides an “easy” interface for automated testing
• It uses an OP test server (provided in the gem) and a test API
DEMO
Final Thoughts
• ROTS is _not_ a silver bullet
• OpenID is not perfect, and it is not trying to be
Resources
• http://openidexplained.com
• http://github.com/rails/open_id_auth
• http://github.com/roman/rots
• http://test-id.net
Q&A’s
Thanks...
Contact Me
Follow: http://twitter/romanandreg
Read: http://blog.romanandreg.com