Hi All,
In support of moving fast on Milestone 1, I have stood up a simple dev deployment of a tokensever-auth-enabled Sync1.1 server. Hopefully this will give us something concrete to develop and test against on the storage integration side of things. There are two servers, "auth" and "storage", available at: http://auth.oldsync.dev.lcip.org/ http://db1.oldsync.dev.lcip.org/ Technical details below for those who need them. Enjoy! Cheers, Ryan ------------------------------- This setup comes in two pieces. For dev they are just two EC2 instances; in production they'd be two separate clusters. First is the "auth server", available here: http://auth.oldsync.dev.lcip.org/ This is running the tokenserver code we built for sync2.0, and speaks the browserid auth dance documented here: http://docs.services.mozilla.com/token/user-flow.html To authenticate, you produce a BrowserID assertion and send it to the following service-specific URL: http://auth.oldsync.dev.lcip.org/1.0/sync/1.1 In return you will get a set of temporary authentication credentials ("id" and "key") along with the URL of a particular storage server that you should use (the "endpoint_url"). In production there would be multiple storage servers, with users sharded among them. For the dev deployment, the auth server will always direct you to: http://db1.oldsync.dev.lcip.org/1.1/{userid} This storage server is running the sync1.1 storage code, with a special auth plugin that speaks Hawk auth, and a master token-signing secret that is shared with the auth server. Use the id and key you got from the tokenserver, and make Hawk authenticated requests following the existing Sync1.1 API: https://docs.services.mozilla.com/storage/apis-1.1.html In theory, this should be all the server-side support you need to do BrowserID-authenticated syncing on top of Sync1.1. Good luck! :-) Caveat: I did a quick python implementation of Hawk based on my previous work with MACAuth, and a cursory read of the quote-unquote "Hawk Spec". There may be incompatibilities; ping me and I'll squash them ASAP. _______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
