[Openid-specs-ab] Handling IdP-specific information in AppAuth

William Denniss wdenniss at google.com
Tue Mar 7 17:42:54 UTC 2017 

Nice work Iain.

So far I've heard only positive responses to the plan, will be enacting it
shortly! Look forward to welcoming all your certified, appauth-supporting
IdP readmes :)
On Tue, Mar 7, 2017 at 2:17 AM Iain McGinniss <iainmcgin at google.com> wrote:

> The necessary changes to the Android demo app to follow the principles
> William has outlined here are implemented in:
>
> https://github.com/openid/AppAuth-Android/pull/185
>
> Once this is merged I'll be happy to accept pull requests for other IDP
> configuration instructions.
>
> Iain
>
> On Sun, Mar 5, 2017 at 6:38 PM, William Denniss <wdenniss at google.com>
> wrote:
>
> Recently there's been interest from other IdPs in adding samples and/or
> configuration information into AppAuth, alongside the current samples.
>
> There were also comments that AppAuth was too "Google focused", for
> example by listing the Google issuer in the sample.  It was *never* the
> the intent of the library to be Google focused (quite the opposite in
> fact), but since we were the first provider to support the pattern, and
> because the example & docs were written by Google engineers, some
> Google-specific info was added to the examples (but never the core library).
>
> To resolve both of these issues, I'm proposing the following:
>
>    1. All current and future examples in AppAuth will be generic. This is
>    a standards library after all, so there's no reason every sample shouldn't
>    work with every provider. If you want to add a new sample for us all to
>    use, fantastic! But it shouldn't be specific to your own IdP – those belong
>    in your own repositories.  An implication of this is that all
>    Google-related information (like the Google issuer) will be removed from
>    current samples.
>
>    2. Since every IdP has it's own registration and configuration quirks,
>    and to cater for the desire to have IdP specific information in the
>    repository as a convenience for developers, *qualified providers* will
>    be entitled to commit a README-provider.md file into the Examples directory
>    with their own instructions.  This is where IdP-specific information now
>    belongs, and is in the form of instructions only (not source code, though
>    it may contain code samples).
>
> A "qualified provider" needs to meet two requirements:
>
>    - Be OpenID Connect certified <http://openid.net/certification/>.
>    - Support the OAuth for Native Apps BCP (i.e pass this checklist
>    <https://tools.ietf.org/html/draft-ietf-oauth-native-apps-08#appendix-A>
>    ).
>
>
> This pull request <https://github.com/openid/AppAuth-iOS/pull/80> in
> AppAuth for iOS and macOS applies the above principles to the iOS and macOS
> library, moving all Google-specific information into a file named
> "README-Google.md".  The same work is currently being done in AppAuth for
> Android with a PR coming soon.
>
> Thank you to everyone who has expressed interest in collaborating on
> AppAuth! On behalf of the team, I'd like to welcome all other qualified
> providers to submit a pull request with your own configuration instructions!
>
> Best,
> William
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170307/7ab08e81/attachment.html>

More information about the Openid-specs-ab mailing list