Post · Bonfire

Eduardo Mercovich @EduMerco · 2 years ago

Authenticating Bonfire users from other sources

If it's not the time to ask this I'm sorry and please simply dismiss this post.

Imagine that you already have a community working on a CMS or LMS (like Moodle, Wordpress, Discourse, Drupal, etc.) with a bunch of users and a way to manage them (create, give roles/permissions, delete, etc.).

Is it, now or planned in a near future, a way to somehow connect that with a Bonfire instance so we don't need to have double users, one in each platform? Or -in the other way- can Bonfire provide this authentication? One platform to rule them all, one platform to find them, one platform to bring them all and in the Fediverse light bask them? 🤣

In brief: can Bonfire accept/provide identification by/to other sources?

Thanks a lot, and I hope this discussion opens some possibilities. :)

+ -

Mayel @mayel · 2 years ago

Great questions! This is indeed something I am very interested in and have started to prototype: github.com/bonfire-networks/... An extension to enable:- authenticating on Bonfire using an external identity using OpenID Connect- using your Bonfire identity to authenticate in other apps with OpenID Connect 1.0 or OAuth 2.0

GitHub - bonfire-networks/bonfire_open_id: Use OpenID and OAuth with your Bonfire identity or connect to Bonfire with an external identity (object)

Use OpenID and OAuth with your Bonfire identity or connect to Bonfire with an external identity - GitHub - bonfire-networks/bonfire_open_id: Use OpenID and OAuth with your Bonfire identity or connect to Bonfire with an external identity

+ -

jorgeluis @jorgeluis · 2 years ago

Nice that you are working on this already. Have you considered also implementing LDAP?

+ -

Mayel @mayel · 2 years ago

@jorgeluis haven't so far, what would you need it for? LDAP is a much older protocol than OpenID Connect or OAuth, but I guess that means there's things than only support that...

+ -

jorgeluis @jorgeluis · 2 years ago

It is used by yunohost. Would be useful if bonfire is made available as a ynh package later on.

Mayel @mayel · 2 years ago

Seems like this could help otherwise: github.com/YunoHost-Apps/dex...

GitHub - YunoHost-Apps/dex_ynh: A Federated OpenID Connect Provider (object)

A Federated OpenID Connect Provider. Contribute to YunoHost-Apps/dex_ynh development by creating an account on GitHub.

+ -

Mayel @mayel · 2 years ago

So basically, if you have a specific app/platform you'd like to try this with, it should be possible (depending on what the other software supports of course), but some testing and tweaking of the implementation will need to be done.

Eduardo Mercovich @EduMerco · 2 years ago

Those are great news! In our particular case, Moodle will be used but it can go both ways. Moodle can id Bonfire or viceversa. It looks like Moodle can take Open ID info (see moodle.org/plugins/auth_oidc). But also Bonfire can take it from Moodle. Anyway, I'm happy that it's something going on and I would be happy to help with tests (or other things that don't require programming). 😅

This is a bonfire demo instance for testing purposes

playground.bonfire.cafe: About · Code of conduct · Privacy ·

Bonfire · 0.9.10-beta.28 no JS en

Manual federation enabled