jclouds-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ignasi Barrera <n...@apache.org>
Subject Re: Oauth for Google Compute and DigitalOcean
Date Mon, 21 Dec 2015 11:27:00 GMT
Well, it depends on the OAuth flow being used, but in general jclouds
handles the entire authentication flow:

In DigitalOcean, the user goes to the control panel and generates an
API token from there. That token is already the OAuth Bearer token to
be used to authenticate, so there are no more steps involved. Just
propagate the token and you're done.
In GCE, The user provides the client ID and the private key and
jclouds performs the entire JWT OAuth flow to get a temporal Bearer
access token for those credentials, and handles the complexity of
using and renewing it when needed.

So I'd say in DigitalOcean your app should ask users to introduce the
DO token, and in GCE they should introduce their credentials.



On 19 December 2015 at 06:15, Ruben Rubio Rey <tk421.1@gmail.com> wrote:
> Hi Ignasi,
> Our platform (If anyone is curious - https://manageacloud.com) requires
> different users to set the credentials from their favourite cloud supplier.
> At this moment, they had to put the credentials manually (eg clientid / key)
> to activate the cloud. For the clouds that supports it (such as Digital
> Ocean or Google Compute Engine) we would like to use OAuth for the
> authentication because it is easier for the user.
> Using Oath requires to steps:
> 1 - Authenticate the user
> 2 - Use the token generated in the previous authentication with JClouds to
> manage their server infrastructure
> I am not sure if JClouds has already something developed for the
> authentication itself (If so please let me know) but I would be very
> interested in an example of how to use the token generated in the previous
> authentication with JClouds to manage their infrastructure.
> Hope to hear from you soon,
> Ruben
> On Fri, Dec 18, 2015 at 10:28 PM, Ignasi Barrera <nacx@apache.org> wrote:
>> jclouds already has an OAuth API that implements the JWT Bearer Token
>> flow and also allows to authenticate using an existing Bearer token.
>> Providers that use OAuth 2 for authentication can use this API. For
>> example, the Google providers use this OAuth api with the JWT flow to
>> authenticate, and the DigitalOcean 2 provider uses the Bearer token
>> Could you elaborate your question? What do you need / are you trying to
>> do?
>> On 18 December 2015 at 06:15, Ruben Rubio Rey <tk421.1@gmail.com> wrote:
>> > Hi,
>> >
>> > There are some suppliers that they support oauth for the authentication.
>> > Is
>> > there any way to use the authentication provided by oath with jclouds ?
>> >
>> > Regards,
>> > Ruben
>> >

View raw message