[Cubicweb] OAuth support

Christophe de Vienne cdevienne at gmail.com
Wed Aug 21 13:43:53 CEST 2013


I am starting to write a OAuth cube (it will be LGPLed and released very 

The structure of it will resemble a lot cubicweb-openidrelay, but there 
are two main differences on which I would appreciate some feedback 
before coding :

1. Provider settings

For each enabled oauth provider, an application and secret keys have to 
be provided.
Should this setting go in the configuration file, or in a dedicated 
entity (OAuthProvider for example) ?
I feel that storing in the database is a better approach, so that the 
administrator can easily add/remove providers.

2. Multiple identities

I would like to be able to link a single CWUser to identities on 
different providers.
This is a big difference with the way openidrelay works.
It will imply to be able, for a connected user, to add link its account 
with other providers.

Thanks in advance for any return on this, and since it is my first cube 
any hint that sounds useful is very welcome !


More information about the Cubicweb mailing list