SlideShare a Scribd company logo

Interface Drupal with desktop or webapp via OAuth & REST

Download as odp, pdf
N
Nicolas Froment

The document discusses integrating Drupal applications with desktop or web apps using OAuth and services, highlighting the importance of not sharing user credentials with third parties. It outlines the evolution of OAuth 1.0a after a security flaw was found and introduces various Drupal solutions, such as the OAuth module and Services framework, to facilitate this integration. Additional resources and references for further reading on OAuth specifications and related Drupal modules are also provided.

Technology
1 of 22
Downloaded 54 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Interface Drupal with Desktop or Web app via OAuth + Services Nicolas Froment (@lasconic) http://lasconic.com http://wikifonia.org http://musescore.org DrupalCamp Ghent December 11th, 2009
Why OAuth? Don't give your credentials to 3 rd parties But give them the right to act for you
USER Service provider Your drupal website Consumer application Mobile, web, desktop Do I need OAuth?
Open standard
Oauth 1.0a? April 2009 a security flaw found -> Twitter closed Oauth in the hour In less than a week -> Oauth 1.0a fixes the flaw Add a verify code to get an access token Not supported by Drupal (yet)
Example Sending audio rendition of a score made with MuseScore to Soundcloud
 
 
 
 
Two Drupal solutions Oauth module Great overview about OAuth Not-so-good design Work with the unpublished « Webservices » Number 3 ...
The Services Way A nicely designed pluggable framework Built around pre existing librairies (OAuth) Reusable & flexible Maintained and in development heyrocker Hugo Wetterberg marcingy
Services Pluggable framework for services and servers REST JSON SOAP XMLRPC AMF Node resources Node File System User Taxonomy Menu
 
ResourceNode Service + REST Server Provides a resource view on node
Oauth modules OAuth commons Wrapper around Oauth PHP lib Lib hosted at google code Services Oauth Link to Services
 
Drupal example Application mywebsite.com
Let developers create applications
 
 
References Oauth spec & security issues http://oauth.net Oauth library for PHP, Java, Ruby, Javascript... http://code.google.com/p/oauth/ Modules http://drupal.org/project/Services http://drupal.org/project/rest_server http://drupal.org/project/oauth_common http://drupal.org/project/services_oauth

More Related Content

Viewers also liked (20)

PDF
Single Sign on e OpenID
Thomas Basciutti
 
PPT
Oauth
Mauro Tomasella
 
PDF
Implementing OAuth with PHP
Lorna Mitchell
 
PDF
Implementing OAuth
leahculver
 
PPT
Student Led Conferences 2009
Sacha Cotter
 
PDF
Introduction to the CII Badge Programe, OW2con'16, Paris.
OW2
 
PDF
Accelerating mission critical business processes with Bonita BPM 6. Antoine T...
OW2
 
PDF
Logic Circuit Project Final Presentation
Matthew Chang
 
PDF
Building Confidence into Products starts with upstream citizenship
OW2
 
PDF
OSS in Bigciites
OW2
 
PPT
The psychophysiology of tobacco use and craving
The Institute for Triple Helix Innovation
 
PDF
Ow2 Open World Forum09 Migration With Telosys
OW2
 
PDF
iPad Inquiry
wall530
 
PPT
Portland Front Yard Gardens
gardenmam
 
DOCX
Inteligencia emocional
Sol JO
 
PPT
2013 cch basic principles ch02
dphil002
 
PDF
Naturalization Webinar
guest5dabb0
 
PPT
Present Progressive Presentation
yarelli herrera
 
PPS
God Love You
azhar5i
 
PPTX
Opportunity analysis
Rahul Tom Joseph
 
Single Sign on e OpenID
Thomas Basciutti
 
Oauth
Mauro Tomasella
 
Implementing OAuth with PHP
Lorna Mitchell
 
Implementing OAuth
leahculver
 
Student Led Conferences 2009
Sacha Cotter
 
Introduction to the CII Badge Programe, OW2con'16, Paris.
OW2
 
Accelerating mission critical business processes with Bonita BPM 6. Antoine T...
OW2
 
Logic Circuit Project Final Presentation
Matthew Chang
 
Building Confidence into Products starts with upstream citizenship
OW2
 
OSS in Bigciites
OW2
 
The psychophysiology of tobacco use and craving
The Institute for Triple Helix Innovation
 
Ow2 Open World Forum09 Migration With Telosys
OW2
 
iPad Inquiry
wall530
 
Portland Front Yard Gardens
gardenmam
 
Inteligencia emocional
Sol JO
 
2013 cch basic principles ch02
dphil002
 
Naturalization Webinar
guest5dabb0
 
Present Progressive Presentation
yarelli herrera
 
God Love You
azhar5i
 
Opportunity analysis
Rahul Tom Joseph
 

Similar to Interface Drupal with desktop or webapp via OAuth & REST (20)

PPTX
RESTful in Drupal 8 and Services module - New`n`Tasty!
Dmytro Olaresko
 
PPTX
REST in Peace
Kate Marshalkina
 
PDF
Drupal South 2015: Introduction to Web Services. Services in Drupal 8.
TechnocratAu
 
PDF
OAuth - Open API Authentication
leahculver
 
PDF
OAuth Tokens
n|u - The Open Security Community
 
PDF
Drupal and communication
Peter Arato
 
PDF
[Srijan Wednesday Webinar] Decoupled Demystified: The Present & Future of Dr...
Srijan Technologies
 
PDF
Oauth Behind The Scenes
Thang Tran Duc
 
PPTX
Drupal 7 Web Services Crash Course
Noah Lively
 
PPTX
OAuth
Tom Elrod
 
PDF
OAuth 1.0
simonetripodi
 
PPTX
UC2013 Speed Geeking: Intro to OAuth2
Aaron Parecki
 
PDF
Stateless authentication for microservices
Alvaro Sanchez-Mariscal
 
PDF
When and Why Would I use Oauth2?
Dave Syer
 
PDF
OAuth and OEmbed
leahculver
 
PPTX
OAuth2 Presentaion
Bhargav Surimenu
 
PDF
OAuth
Iván Fernández Perea
 
PDF
ORCID OAuth Dance with google playground
ORCID, Inc
 
PPTX
OAuth 2 at Webvisions
Aaron Parecki
 
PDF
oauth-for-credentials-security-in-rest-api-access
idsecconf
 
RESTful in Drupal 8 and Services module - New`n`Tasty!
Dmytro Olaresko
 
REST in Peace
Kate Marshalkina
 
Drupal South 2015: Introduction to Web Services. Services in Drupal 8.
TechnocratAu
 
OAuth - Open API Authentication
leahculver
 
OAuth Tokens
n|u - The Open Security Community
 
Drupal and communication
Peter Arato
 
[Srijan Wednesday Webinar] Decoupled Demystified: The Present & Future of Dr...
Srijan Technologies
 
Oauth Behind The Scenes
Thang Tran Duc
 
Drupal 7 Web Services Crash Course
Noah Lively
 
OAuth
Tom Elrod
 
OAuth 1.0
simonetripodi
 
UC2013 Speed Geeking: Intro to OAuth2
Aaron Parecki
 
Stateless authentication for microservices
Alvaro Sanchez-Mariscal
 
When and Why Would I use Oauth2?
Dave Syer
 
OAuth and OEmbed
leahculver
 
OAuth2 Presentaion
Bhargav Surimenu
 
OAuth
Iván Fernández Perea
 
ORCID OAuth Dance with google playground
ORCID, Inc
 
OAuth 2 at Webvisions
Aaron Parecki
 
oauth-for-credentials-security-in-rest-api-access
idsecconf
 
Ad

Recently uploaded (20)

DOCX
Daily Lesson Log MATATAG ICT TEchnology 8
LOIDAALMAZAN3
 
PPTX
MARTSIA: A Tool for Confidential Data Exchange via Public Blockchain - Poster...
Michele Kryston
 
PDF
Automating the Geo-Referencing of Historic Aerial Photography in Flanders
Safe Software
 
PDF
DoS Attack vs DDoS Attack_ The Silent Wars of the Internet.pdf
CyberPro Magazine
 
PDF
Proactive Server and System Monitoring with FME: Using HTTP and System Caller...
Safe Software
 
PDF
Understanding The True Cost of DynamoDB Webinar
ScyllaDB
 
PDF
Dev Dives: Accelerating agentic automation with Autopilot for Everyone
UiPathCommunity
 
PPTX
Reimaginando la Ciberdefensa: De Copilots a Redes de Agentes
Cristian Garcia G.
 
PPTX
Smart Factory Monitoring IIoT in Machine and Production Operations.pptx
Rejig Digital
 
PDF
Quantum AI Discoveries: Fractal Patterns Consciousness and Cyclical Universes
Saikat Basu
 
PPTX
2025 HackRedCon Cyber Career Paths.pptx Scott Stanton
Scott Stanton
 
PDF
Hello I'm "AI" Your New _________________
Dr. Tathagat Varma
 
PDF
Plugging AI into everything: Model Context Protocol Simplified.pdf
Abati Adewale
 
PDF
Redefining Work in the Age of AI - What to expect? How to prepare? Why it mat...
Malinda Kapuruge
 
PDF
Enhancing Environmental Monitoring with Real-Time Data Integration: Leveragin...
Safe Software
 
PPTX
01_Approach Cyber- DORA Incident Management.pptx
FinTech Belgium
 
PDF
TrustArc Webinar - Navigating APAC Data Privacy Laws: Compliance & Challenges
TrustArc
 
PDF
Bridging CAD, IBM TRIRIGA & GIS with FME: The Portland Public Schools Case
Safe Software
 
PDF
FME as an Orchestration Tool with Principles From Data Gravity
Safe Software
 
PDF
Kubernetes - Architecture & Components.pdf
geethak285
 
Daily Lesson Log MATATAG ICT TEchnology 8
LOIDAALMAZAN3
 
MARTSIA: A Tool for Confidential Data Exchange via Public Blockchain - Poster...
Michele Kryston
 
Automating the Geo-Referencing of Historic Aerial Photography in Flanders
Safe Software
 
DoS Attack vs DDoS Attack_ The Silent Wars of the Internet.pdf
CyberPro Magazine
 
Proactive Server and System Monitoring with FME: Using HTTP and System Caller...
Safe Software
 
Understanding The True Cost of DynamoDB Webinar
ScyllaDB
 
Dev Dives: Accelerating agentic automation with Autopilot for Everyone
UiPathCommunity
 
Reimaginando la Ciberdefensa: De Copilots a Redes de Agentes
Cristian Garcia G.
 
Smart Factory Monitoring IIoT in Machine and Production Operations.pptx
Rejig Digital
 
Quantum AI Discoveries: Fractal Patterns Consciousness and Cyclical Universes
Saikat Basu
 
2025 HackRedCon Cyber Career Paths.pptx Scott Stanton
Scott Stanton
 
Hello I'm "AI" Your New _________________
Dr. Tathagat Varma
 
Plugging AI into everything: Model Context Protocol Simplified.pdf
Abati Adewale
 
Redefining Work in the Age of AI - What to expect? How to prepare? Why it mat...
Malinda Kapuruge
 
Enhancing Environmental Monitoring with Real-Time Data Integration: Leveragin...
Safe Software
 
01_Approach Cyber- DORA Incident Management.pptx
FinTech Belgium
 
TrustArc Webinar - Navigating APAC Data Privacy Laws: Compliance & Challenges
TrustArc
 
Bridging CAD, IBM TRIRIGA & GIS with FME: The Portland Public Schools Case
Safe Software
 
FME as an Orchestration Tool with Principles From Data Gravity
Safe Software
 
Kubernetes - Architecture & Components.pdf
geethak285
 
Ad

Interface Drupal with desktop or webapp via OAuth & REST

  • 1. Interface Drupal with Desktop or Web app via OAuth + Services Nicolas Froment (@lasconic) http://lasconic.com http://wikifonia.org http://musescore.org DrupalCamp Ghent December 11th, 2009
  • 2. Why OAuth? Don't give your credentials to 3 rd parties But give them the right to act for you
  • 3. USER Service provider Your drupal website Consumer application Mobile, web, desktop Do I need OAuth?
  • 5. Oauth 1.0a? April 2009 a security flaw found -> Twitter closed Oauth in the hour In less than a week -> Oauth 1.0a fixes the flaw Add a verify code to get an access token Not supported by Drupal (yet)
  • 6. Example Sending audio rendition of a score made with MuseScore to Soundcloud
  • 7.  
  • 8.  
  • 9.  
  • 10.  
  • 11. Two Drupal solutions Oauth module Great overview about OAuth Not-so-good design Work with the unpublished « Webservices » Number 3 ...
  • 12. The Services Way A nicely designed pluggable framework Built around pre existing librairies (OAuth) Reusable & flexible Maintained and in development heyrocker Hugo Wetterberg marcingy
  • 13. Services Pluggable framework for services and servers REST JSON SOAP XMLRPC AMF Node resources Node File System User Taxonomy Menu
  • 14.  
  • 15. ResourceNode Service + REST Server Provides a resource view on node
  • 16. Oauth modules OAuth commons Wrapper around Oauth PHP lib Lib hosted at google code Services Oauth Link to Services
  • 17.  
  • 18. Drupal example Application mywebsite.com
  • 19. Let developers create applications
  • 20.  
  • 21.  
  • 22. References Oauth spec & security issues http://oauth.net Oauth library for PHP, Java, Ruby, Javascript... http://code.google.com/p/oauth/ Modules http://drupal.org/project/Services http://drupal.org/project/rest_server http://drupal.org/project/oauth_common http://drupal.org/project/services_oauth