| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Álvaro Hernández <aht(at)ongres(dot)com> |
| Cc: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, PostgreSQL WWW <pgsql-www(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Using postgresql.org account as an auth id on third party websites |
| Date: | 2019-09-18 10:45:49 |
| Message-ID: | CABUevEwntb4WncuyuwO-CwvMU+GDaz5T+kNm+35FmaC=S-n0kw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
On Wed, Sep 18, 2019 at 12:25 AM Álvaro Hernández <aht(at)ongres(dot)com> wrote:
>
>
> On 17/9/19 14:14, Jonathan S. Katz wrote:
> > On 9/17/19 11:54 AM, Álvaro Hernández wrote:
> >>
> >> Great, thank you Jonathan.
> >>
> >> Now.... how do we register with the "central system"?
> > Well, first make sure that it works :)
> >
> > I've not handled the registration process myself, but to test it, ensure
> > you can authenticate against the test pgweb instance you've set up. You
> > can configure it from the "Community auth sites" and "community auth
> > orgs" part of the admin. So once that works, I think there can be the
> > conversation of actually registering with the "central system."
>
> We can do that, no problem.
>
> >
> > To date, apps that use community auth have been within pginfra (AFAICT),
> > so to "formally request" it probably involves a longer conversation,
> > either here or with webmaster@ as the process of doing so has not been
> > exercised yet.
>
> Fair enough. Now.... I'd like not to waste any resources before
> having that "longer conversation" then, which I hope it is not that
> long. We're building a user authentication system on top of
> https://postgresqlco.nf that will use external id providers like Google
> Account, Twitter and others. We'd like to provide postgresql.org
> community account as a first-class citizen authentication mechanism,
> since this is something for the PostgreSQL Community as a whole. If this
> is possible, great! If not, we should know asap and stick with the other
> providers only --but I hope should not be a big deal.
>
>
So far, we have only approved services running fully managed by the
infrastructure team to handle this. Some of them are managed by different
organisations (such as PostgreSQL Europe or PostgreSQL US), but since they
are running on the main infrastructure there the team has the ability to
reach and manage all the data.
Right now, the system isn't really set up to handle things outside of that,
as some things (particularly in relation to our new friend the gdpr) are
handled completely manually and are not in the system. There are a number
of things that should be implemented before doing something like that, such
as the ability to push out a forced account delete (no API for that now).
Or at the very least, a second level of consent about sharing data in an
irretrievable way.
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2019-09-18 15:09:29 | git mirror wedged? |
| Previous Message | Álvaro Hernández | 2019-09-17 22:25:06 | Re: Using postgresql.org account as an auth id on third party websites |