WordPress.org

Ready to get started?Download WordPress

Forums

Keyring
Two-legged auth? (4 posts)

  1. Tom
    Member
    Posted 1 year ago #

    Can this plugin be configured to use two-legged, non-interactive authentication? We need this for a fairly traditional client / server model between several WP sites and a central authentication API.

    http://wordpress.org/extend/plugins/keyring/

  2. Beau Lebens
    Member
    Plugin Author

    Posted 1 year ago #

    Hi Tom; I didn't set Keyring up intending for it to be used for 2-legged auth, but mainly just because I've never had a use-case for that.

    I'm honestly not sure, but pretty much everything you need for OAuth1 and 2 is in there, so if it can't do it "out of the box" then you can probably write a Service definition to do it with some juggling.

    Can you point me to an example of what you'd like to use it for, or is it something internal?

  3. Tom
    Member
    Posted 1 year ago #

    Sorry, I don't have a use-case example because I'm just checking for feasible solutions for a refactoring project.

    I inherited a legacy CodeIgniter application which serves about a dozen blog-like websites simultaneously through the same instance. The stakeholders are keen on WP for content management and a number of other reasons, and it would simplify the primary application to delegate that and other non-critical functionality to WP (I'm not a WP developer). Most of the blog sites require paid subscription, also currently managed by the CI app. For the refactor, I'm considering a two-part solution:

    • Rails API and admin interface which handles core business logic, subscriptions and centralized authentication.
    • WP Multi-site instance for content management, custom plugin(s) for interacting with the central API

    Since subscribers have a single set of credentials for all the blogs, I was hoping to use OAuth for authenticating against the API, then fetching customer account and subscription info.

    It may be simpler, though, to simply use WP as the system of record for the user objects and authentication and simply fetch associated subscription & account information that is managed in the central app. Regardless, I'm exploring different options and wanted to check if OAuth would be an appropriate solution. Make sense?

    Thanks,

  4. Beau Lebens
    Member
    Plugin Author

    Posted 1 year ago #

    Not sure if another opinion is welcome, and obviously it's coming from a WordPress developer, so maybe I have a different point of view (and probably don't have all the information), but It actually sounds like you'd actually be better just doing it all in WordPress.

    That would eliminiate the need for any kind of OAuth anything, because you could just use native WP credentials everywhere. There are plugins around that let you handle subscription-based content, and there are a few popular shopping cart/store plugins that can help you do the commerce side of things as well.

    All of that failing, I think you could use Keyring to handle just the communication part of things (since it can handle signing requests etc), although it's probably overkill. If you're doing your own implementation, in a single environment, you're probably better off installing the PECL OAuth package (http://pecl.php.net/package/oauth) and then using that, since you can guarantee a single, known implementation of a consistent version of OAuth across all services. Keyring is best when you need to work with different authentication types (OAuth1 + 2, HTTP Basic etc), and when you need to be more portable (so can't guarantee Pecl/some specific library).

    Hope that helps with your decision!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.