Download pdf - Persona: un système d'identité pour le Web

François Marier – @fmarier

Personaun système d'identitépour le Web

https://twitter.com/fmarier

un système ouvertet fédéré pour

l'authentificationdes utilisateurs

une solution au problème desmots de passe sur le Web

pourquoi ?

difficilesà

retenir

c'est tropfacile de lesréutiliser

alternatives

décentralisé

moi.com/u/francois

vie privée®

comment çamarche ?

[email protected]

<signatures numériques 101>

privée publique

publique

Je m'appelleFrançois Marieret mon adressede courriel esttrop longuepour cette note.

privée


publique


signer vérifier

</signatures numériques 101>

[email protected]

authentification?

clé publique

authentification?

clé publique signée

clé publique

authentification?

Valide pour : 2 minutes

wikipedia.org

assertion


wikipedia.org

vérifier l'audience

assertion


wikipedia.org

vérifier l'audiencevérifier l'expiration

assertion


wikipedia.org

vérifier l'audiencevérifier l'expirationvérifier la signature

assertion

assertion


wikipedia.org

clé publique

assertion


wikipedia.org

assertion

cookie

c'est pourquand ?

serveurs de courriel

navigateurs

[email protected]

[email protected]

serveurs de courriel

navigator.id.*

navigateurs modernes

>= 8

>= 8

navigateurs modernes

vous pouvez utiliser Personadès aujourd'hui

comment l'utilisersur votre site ?

<script src=”https://login.persona.org/include.js”></script></body></html>

navigator.id.watch({ loggedInEmail: “[email protected]”, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { // do something } ); }, onlogout: function () { window.location = '/logout'; }});

navigator.id.watch({ loggedInUser: “[email protected]”, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { // do something } ); }, onlogout: function () { window.location = '/logout'; }});

navigator.id.watch({ loggedInUser: null, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { // do something } ); }, onlogout: function () { window.location = '/logout'; }});

navigator.id.watch({ loggedInUser: null, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { // do something } ); }, onlogout: function () { window.location = '/logout'; }});

navigator.id.watch({ loggedInUser: null, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { window.location = '/'; } ); }, onlogout: function () { window.location = '/logout'; }});

navigator.id.request()

navigator.id.watch({ loggedInUser: null, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { window.location = '/'; } ); }, onlogout: function () { window.location = '/logout'; }});

navigator.id.watch({ loggedInUser: null, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { window.location = '/home'; } ); }, onlogout: function () { window.location = '/logout'; }});

$ curl -d "assertion=<ASSERTION>& audience=http://123done.org" https://verifier.login.persona.org/verify

$ curl -d "assertion=<ASSERTION>& audience=http://123done.org" https://verifier.login.persona.org/verify

{ status: “okay”,

audience: “http://123done.org”,

expires: 1344849682560,

email: “[email protected]”,

issuer: “login.persona.org”}

{ status: “failed”,

reason: “assertion has expired”}

navigator.id.logout()

navigator.id.watch({ loggedInUser: null, onlogin: function (assertion) { $.post('/login', {assertion: assertion}, function (data) { window.location = '/home'; } ); }, onlogout: function () { window.location = '/logout'; }});

1. charger bibliothèque JavaScript


2. écrire onlogin & onlogout



3. ajouter boutons (dé)connexion



3. ajouter boutons (dé)connexion

4. vérifier l'assertion

pour nous aider ...

utilisez Personasur votre site

dites-nous ce quevous en penser

demandez lesupport Persona







Pour en savoir plus :

https://login.persona.org/http://identity.mozilla.com/

https://developer.mozilla.org/docs/Persona/Why_Personahttps://developer.mozilla.org/docs/Persona/Quick_Setup

https://github.com/mozilla/browserid-cookbookhttps://developer.mozilla.org/docs/Persona/Libraries_and_plugins

http://123done.org/https://wiki.mozilla.org/Identity#Get_Involved

@fmarier http://fmarier.org

https://login.persona.org/

http://identity.mozilla.com/

https://developer.mozilla.org/docs/Persona/Why_Persona

https://developer.mozilla.org/docs/Persona/Quick_Setup

https://github.com/mozilla/browserid-cookbook

https://developer.mozilla.org/docs/Persona/Libraries_and_plugins

http://123done.org/

https://wiki.mozilla.org/Identity#Get_Involved

https://twitter.com/fmarier

http://fmarier.org/

https://eyedee.me/.well-known/browserid:

{ "public-key": { "algorithm":"RS", "n":"8606...", "e":"65537" }, "authentication": "/browserid/sign_in.html", "provisioning": "/browserid/provision.html"}

document de support

https://eyedee.me/.well-known/browserid

© 2013 François Marier <[email protected]>Cette œuvre est mise à disposition selon les termes de laLicence Creative Commons Attribution - Partage dans les Mêmes Conditions 3.0 Nouvelle-Zélande.

Top 500 des mots de passe: http://xato.net/passwords/more-top-worst-passwords/

Parchemin: https://secure.flickr.com/photos/27613359@N03/6750396225/

Biscuits: https://secure.flickr.com/photos/jamisonjudd/4810986199/

Uncle Sam: https://secure.flickr.com/photos/donkeyhotey/5666065982/

Passeport canadien: https://secure.flickr.com/photos/rustyangel/5839428526/

Sources des photos :

mailto:[email protected]

https://creativecommons.org/licenses/by-sa/3.0/nz/deed.fr

http://xato.net/passwords/more-top-worst-passwords/

https://secure.flickr.com/photos/27613359@N03/6750396225/

https://secure.flickr.com/photos/jamisonjudd/4810986199/

https://secure.flickr.com/photos/donkeyhotey/5666065982/

https://secure.flickr.com/photos/rustyangel/5839428526/

https://creativecommons.org/licenses/by-sa/3.0/nz/deed.fr