You can subscribe to this list here.
2025 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
---|
From: Gustaf N. (sslmail) <ne...@wu...> - 2025-07-19 06:48:52
|
Hi John, > There were two rumors of a Tcl native OATH2 implementation. > > 1) In OpenACS, I think Gustav mentioned this, but googling I only find > a 2023 conversation > https://openacs.org/forums/message-view?message_id=5741773 > > 2) Antonio (I think) mentioned that someone in Vienna has done this, > but they have not replied to emails asking to open source it. well, i try to recap: The first oauth2 (client) authentication was implemented by Sabine Stransky (she was one of the participants in Bologna) for a customer for using it with Microsoft (Azure). Later, this was extended by KM (mostly Michael Aram from KM, who participated in the Vienna OpenACS conferences) for using it mostly with LTI. KM agreed several years ago to release these parts it into OpenACS, but this was based on several local modifications at KM). At that time, i picked up the code, modernized and generalized it, and made an integration with the standard OpenACS. In this process, i support for using GitHub as an identity provider, by not only depending on MSoft (MSoft is not literally following the OAuth2 standard recommendations, one has to interprete the claims, there are two versions out, etc), Look here what’s in OpenACS; https://github.com/openacs/xooauth/blob/main/tcl/rest-procs.tcl https://github.com/openacs/xooauth/blob/main/tcl/authorize-procs.tcl https://github.com/openacs/xooauth/blob/main/tcl/ms-procs.tcl https://github.com/openacs/xooauth/blob/main/tcl/canvas-procs.tcl The MS part provides in addition to authorization a subset of the MS Grah interface https://openacs.org/xowiki/msgraph There is a similar code for accessing the Canvas interface in the canvas-procs. The authorization part (login/logout) is in the class “Authorize” class. The MS authorization does the same towards the end of the ms-procs. When using GitHub as identity provider, a subclass of the Authorize class is used, which handles the GitHub specific part (look into authorize-procs towards the end). This code is used in production the Vienna University of Economics since a few years. I was planning to provide a pure NaviServer OAUTH2 example for using GitHub as identity provider with the new authorization chains for the conference, but time was running out, I could only provide the LDAP interface (see README file), since there was also much cleanup required in nsldap https://github.com/naviserver-project/nsldap to provide the example will cost me a couple of days to load the necessary parts into my brain, factor our the relevant parts from OpenACS, and to provide an interface that can be used with OpenACS as well… all the best -gustaf |
From: Decent E. <dec...@gm...> - 2025-07-16 08:30:05
|
Thanks for making this group, for discussing us using naviserver, as opposed to development. My hope is that we’ll all post here things that we need to do, before we do them. Ideally, then, we can help each other by giving advice and/or sharing code. -- > PS: The videos from the conference are already online (many thanks to Antonio!), they need still linkage on the conference site. https://learn.wu.ac.at/eurotcl2025/ Wow, FAST! I put together an improved version of my talk, using a front facing camera, and using Adobe’s audio AI to much improve the audio quality https://www.youtube.com/watch?v=p7rX0OVCeLo The audio makes me sound slightly slurry and drunk, but totally removes the room echo which makes understandability difficult. I’m happy to share here any of my Tcl code for doing things that I presented. — There were two rumors of a Tcl native OATH2 implementation. 1) In OpenACS, I think Gustav mentioned this, but googling I only find a 2023 conversation https://openacs.org/forums/message-view?message_id=5741773 2) Antonio (I think) mentioned that someone in Vienna has done this, but they have not replied to emails asking to open source it. — |