From: Juliusz Chroboczek <jch@irif.fr>
To: galene@lists.galene.org
Date: Fri, 29 Apr 2022 13:29:55 +0200
Subject: [Galene] Authorisation portal example
Message-ID: <87zgk4m8jw.wl-jch@irif.fr>
List-Id: Galène videoconferencing server discussion list

I took the time last night to update the sample auth server with the
portal flow.  (I'm sure it has a proper name in OAuth2, but I've tried
multiple times to read the spec -- and failed.)

  https://github.com/jech/galene-sample-auth-server

The portal flow is a solution to the problem of providing a custom login
interface without editing Galene's HTML code.  Due to a bug in 0.5.3,
you'll need to either upgrade to the current head or set "allow-anonymous"
in the group config file in order to use that flow.

Here's a summary of Galene's authorisation flows.

1. Native auth

The user connects to Galene and enters their password.  Galene's client
connects to Galene's server and sends the password in clear (over TLS).

Pros:
  - no extra pieces that can break;
  - easy to understand.

Cons:
  - the password is exposed to both the client and the server;
  - changing the UI requires editing Galene's HTML.

2. Auth server

The user connects to Galene and enters their password.  Galene's client
connects to the auth server, grabs a token, then connects to Galene's
server.

Pros:
  - the auth server only does auth;
  - the password is not exposed to Galene's server.

Cons:
  - the password is exposed to Galene's Javascript code;
  - changing the UI requires editing Galene's HTML.

3. Auth portal

The user connects to a third-party portal and enters their password.  The
portal generates a token, then redirects to Galene.

Pros:
  - the password is not exposed to Galene's client or server;
  - the auth portal provides a full user interface, which can be
    customised without editing Galene's HTML;
  - the auth portal can be implemented within another web application,
    which makes it easy to redirect from e.g. a chat server to Galene.

Cons:
  - the auth portal needs to provide a user interface;
  - the token is temporarily stored in the browser's history, and might
    therefore leak, for example if Galene is down.

-- Juliusz
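The portal flow described in the message above, as an added example that is not part of the original post and not code from Galène or from the sample auth server. It assumes the token is a compact JWT signed with HS256 under a secret shared between the portal and Galène, that the claims are `sub` (user), `aud` (the group URL), `iss`, `permissions`, `iat` and `exp`, and that the portal hands the token to Galène in a `token` query parameter of the group URL; the claim names, the algorithm and the parameter name are assumptions of this example, as are the key, the group URL and the user. The minting side is what the portal does before it redirects, and the verifying side is what the receiving end must check: the signature (in constant time), the `alg` header (so an attacker cannot downgrade to `none`), the audience (so a token for one group is not accepted for another) and the expiry (the short `exp` is what limits the damage when the token leaks from the browser history, as the last con in the message warns).

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
	"strings"
	"time"
)

// Claims is the claim set this example assumes for a Galène authorisation
// token; the names are an assumption, not taken from the project's source.
type Claims struct {
	Subject     string   `json:"sub"`
	Audience    string   `json:"aud"`
	Issuer      string   `json:"iss,omitempty"`
	Permissions []string `json:"permissions,omitempty"`
	IssuedAt    int64    `json:"iat"`
	ExpiresAt   int64    `json:"exp"`
}

// JWTs use unpadded base64url for all three segments.
var b64 = base64.RawURLEncoding

// sign computes the HS256 signature over header.payload.
func sign(key []byte, signingInput string) string {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(signingInput))
	return b64.EncodeToString(mac.Sum(nil))
}

// MintToken is the portal side: after the user has authenticated against the
// portal, issue a short-lived token bound to one user and one group URL.
func MintToken(key []byte, sub, groupURL, issuer string, perms []string,
	now time.Time, ttl time.Duration) (string, error) {
	header := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))
	payload, err := json.Marshal(Claims{
		Subject: sub, Audience: groupURL, Issuer: issuer, Permissions: perms,
		IssuedAt: now.Unix(), ExpiresAt: now.Add(ttl).Unix(),
	})
	if err != nil {
		return "", err
	}
	signingInput := header + "." + b64.EncodeToString(payload)
	return signingInput + "." + sign(key, signingInput), nil
}

// RedirectURL builds the Location the portal redirects the browser to. Because
// the token travels in the query string, it ends up in the browser history,
// which is the leak the message warns about; keep the ttl short.
func RedirectURL(groupURL, token string) (string, error) {
	u, err := url.Parse(groupURL)
	if err != nil {
		return "", err
	}
	q := u.Query()
	q.Set("token", token)
	u.RawQuery = q.Encode()
	return u.String(), nil
}

// VerifyToken is the receiving side: reject anything that is not an HS256
// token signed with our key, minted for this group, and still valid at now.
func VerifyToken(key []byte, token, expectedAud string, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	// Pin the algorithm: never let the token choose how it is verified.
	var hdr struct {
		Alg string `json:"alg"`
	}
	if hb, err := b64.DecodeString(parts[0]); err != nil || json.Unmarshal(hb, &hdr) != nil || hdr.Alg != "HS256" {
		return nil, errors.New("unexpected or malformed alg header")
	}
	// Constant-time comparison of the expected and presented signatures.
	if !hmac.Equal([]byte(sign(key, parts[0]+"."+parts[1])), []byte(parts[2])) {
		return nil, errors.New("bad signature")
	}
	pb, err := b64.DecodeString(parts[1])
	if err != nil {
		return nil, errors.New("malformed payload")
	}
	var c Claims
	if err := json.Unmarshal(pb, &c); err != nil {
		return nil, errors.New("malformed claims")
	}
	if c.Audience != expectedAud {
		return nil, errors.New("token issued for a different group")
	}
	if c.ExpiresAt == 0 || now.Unix() >= c.ExpiresAt {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

func main() {
	key := []byte("constructed-shared-secret-do-not-use") // assumption: shared with Galène
	group := "https://galene.example.org/group/test/"       // assumption: the group URL
	now := time.Now()
	tok, _ := MintToken(key, "alice", group, "https://portal.example.org", []string{"present"}, now, 30*time.Second)
	loc, _ := RedirectURL(group, tok)
	fmt.Println("302 Location:", loc)
	c, err := VerifyToken(key, tok, group, now)
	fmt.Println("verified as", c.Subject, "err:", err)
}
```

Run it with `go run` to see the redirect target the portal would send; the 30-second lifetime is deliberately short because the only thing that bounds a token copied out of the browser history is `exp`.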