Social Authentication (Facebook / Twitter) and IDP3

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Social Authentication (Facebook / Twitter) and IDP3

Reid Watson
Hi Everyone,

I have a project coming up to integrate social authentication methods into Shibboleth IDP3 (3.3.1), I have reviewed the following thread from 2017

http://shibboleth.1660669.n2.nabble.com/Integration-of-facebook-Google-with-Shibboleth-td7631535.html

People advised on a couple of links that are helpful, I’m really interested in “MPASS-proxy —  idp-authn-impl-socialuser / idp-authn-api-socialuser”.

- CSC (Finland) added stuff on top of Shibboleth IDP to make it a proxy:
https://github.com/Digipalvelutehdas/MPASSid-proxy

I was wondering does anyone have any advice or gotchas around using MPASSid-proxy or any other module they would recommend to investigate further with Shibboleth IDP3  ? 


Cheers

Reid

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Social Authentication (Facebook / Twitter) and IDP3

Cantor, Scott E.
> I was wondering does anyone have any advice or gotchas around using
> MPASSid-proxy or any other module they would recommend to investigate
> further with Shibboleth IDP3  ?

I haven't done a full eval of the code but my initial impression was that it was written properly and hopefully is suitable to eventually incorporate into the code base.

-- Scott

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Social Authentication (Facebook / Twitter) and IDP3

Wessel, Keith William
In reply to this post by Reid Watson
I can’t speak to the status of proxy IdP support on IdP3. When we needed a proxy IdP a couple years back, we turned to SimpleSAMLphp for the proxy functionality. Cirrus Identity recently released an opensource module for SimpleSAMLphp that will do what you’re talking about – talking to OIDC-based identity providers:

http://blog.cirrusidentity.com/generic-oauth2/openid-connect-module-for-simplesamlphp-now-available

While my first choice to set up a proxy IdP wasn’t introducing a new piece of software, SSP was very easy to set up, is very low maintenance, and has met our needs well. We still use the Shib IdP for the actual authentication and prefer using it directly over the proxy IdP whenever possible.

Keith


From: users <[hidden email]> On Behalf Of Reid Watson
Sent: Monday, June 4, 2018 1:30 AM
To: Shib Users <[hidden email]>
Subject: Social Authentication (Facebook / Twitter) and IDP3

Hi Everyone,

I have a project coming up to integrate social authentication methods into Shibboleth IDP3 (3.3.1), I have reviewed the following thread from 2017

http://shibboleth.1660669.n2.nabble.com/Integration-of-facebook-Google-with-Shibboleth-td7631535.html 

People advised on a couple of links that are helpful, I’m really interested in “MPASS-proxy —  idp-authn-impl-socialuser / idp-authn-api-socialuser”.

- CSC (Finland) added stuff on top of Shibboleth IDP to make it a proxy:
https://github.com/Digipalvelutehdas/MPASSid-proxy

I was wondering does anyone have any advice or gotchas around using MPASSid-proxy or any other module they would recommend to investigate further with Shibboleth IDP3  ? 


Cheers

Reid
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]