Support BrowserID

From RavenWiki
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

A brief description of what is proposed

Add support for using Raven to authenticate with Mozilla's BrowserID.

An explanation of how it would be useful

The key to achieving higher take-up of raven is to make implementation easier and slicker. Support for BrowserID would allow Raven to be used by users of systems which haven't specifically been set up for Raven, and would make it far easier to add support for raven to new websites. For instructions on using browser id see https://developer.mozilla.org/en/BrowserID/Quick_Setup

Sibboleth (have I spelt that right?) isn't getting much use because it's unnecessarily complex to use, and because authentication and profile information really should be two separate steps. BrowserID would be a much simpler and more popular alternative and would be especially useful for things like society websites where not all users are university members.

One or more suggestions of how it could be implemented

Support for this would actually be fairly simple. Mozilla provide

Support really just involves providing a small number of web pages:

Declaration of support at https://cam.ac.uk/.well-known/browserid should be the JSON file:

   {
       "authority": "raven.cam.ac.uk"
   }

The rest can then be implimented on the raven.cam.ac.uk domain (or another domain if preferable) and just consists of the declaration of support (provides public key and location of the other two pages), the authentication page (Sign the user in pretty much as per standard raven page except with a pre-determined e-mail and using AJAX) , and the provisioning page (check the user is authenticated and sign a certificate).