Nick Chapman nchapman
This document describes the method by which Mozilla web services (called "RP"s, Relying Parties) can allow their users to "Sign In With Your Firefox Account". The RP server will receive proof that the user controls the given FxA, as well as credentials that grant it certain access to data on other servers on behalf of that user.
This uses an OAuth2 flow and a new "fxa-oauth-server" to issue and validate tokens. RPs can use these tokens to convince other servers (known as "Delegated Services") to accept their requests.
The RP web page redirects the browser to a special login page on the FxA Content Server. The user then enters their email address and FxA password on this page, which verifies them and allocates a secret code, then redirects the browser back to the RP page. The code is then used by the RP backend server to verify the user's identity and obtain the OAuth token it will use for subsequent requests.
2014/06/05 12:09:30 [3]handler:Cmd: Handling cmd response from device {cmd: {"t":{"ok":true,"la":34.0522,"lo":-118.2437,"ti":1401995370570},"has_passcode":false}, length: 85}
{"Latitude":34.0522,"Longitude":-118.2437,"Altitude":0,"Time":1401995331812,"Lockable":false}
{"Latitude":0,"Longitude":0,"Altitude":0,"Time":0,"Lockable":false}
| Disrupting disruptive disrupters since disruption disrupted. |
I hereby claim:
- I am nchapman on github.
- I am nchapman (https://keybase.io/nchapman) on keybase.
- I have a public key ASABvqdLeDDs2ZlKAC16T_CtX8Zflf2I0qnEGpdfgJ4RIQo
To claim this, I am signing this object: