BarCamp Hong Kong 2015

AuthBucket - Open SourceIdentity Management System

PantaRei Design LimitedWong Hoi Sing, Edison

2015 Oct 17th

Edison Wong

• 2005 - Drupal Developer & Contributor– https://drupal.org/user/33940

• 2008 - HKDUG Co-founder– https://groups.drupal.org/drupalhk

• 2010 - CEO, PantaRei Design– hswong3i@pantarei-design.com

Edison Wong

• 2005 - Drupal Developer & Contributor– https://drupal.org/user/33940

• 2008 - HKDUG Co-founder– https://groups.drupal.org/drupalhk

• 2010 - CEO, PantaRei Design– hswong3i@pantarei-design.com

PantaRei Design• Everything Changes and Nothing Remains Still

• Reinvent Enterprise with Open Source Software and Cloud Computing

• Hong Kong based FOSS service provider– Content Management System (CMS) with Drupal– Cloud Hosting Solution with Amazon Web Services (AWS)– Team collaborate solution with Atlassian

• Business Partner with industry leaders– 2012, AWS Consulting Partner– 2013, Acquia Partner– 2013, Atlassian Experts– 2014, Rackspace Hosting Partner

• http://pantarei-design.com

Outline

• AuthBucket in 3 mins

• What is Identity Management System (IMS)?

• Why Do I Need IMS?

• Development Roadmap

• What's Next?

AuthBucket in 3mins

• AuthBucket is an Enterprise IdentityManagement System with Open SourceSoftware, allowing users securely manageand utilize their profile across multipleWebs/Apps/Devices under enterpriseenvironment.

• OAuth2.0, RESTful, PHP, Drupal, OSS

AuthBucket in 3mins (cont.)• The Identity Management System market would be forecast as

USD18B in 2019, as a double when compare with that on 2014with USD9B.

• Most existing solution are specialized design for family-softwareproduct, in proprietary and close-source software style, withexpensive deployment and maintenance cost.

• From the other point of view, AuthBucket will coming withgenerically design for any Webs/Apps/Devices, managed in Freeand Open Source Software style, and charing customers basedon support service subscription which create the real value.

What is Identity ManagementSystem (IMS)?

• An identity management system refers to an informationsystem, or to a set of technologies that can be used forenterprise or cross-network identity management

• Additional terms are used synonymously with "identitymanagement system" including;– Access governance system– Identity and access management system– Entitlement management system– User provisioning system

https://auth0.com/why-auth0

16

Social Media Authentication

17

Social Media Authorization

18

Unify Authorization Sample

19

Unify Authorization Sample

Why Do I Need IMS?

• Company can share authenticated useramong groups of websites

• Company can get completed user profilewith authenticated social network

• User can share content thru single pointto unlimited social network

• User update profile thru single point tounlimited social network

21

For Now

Facebook

Tweeter

LinkedIn

Google

User

(Client Side)

Developer

(Develop Side)

N-N Mapping

Request (API)

Resources

22

With AuthBucket

Facebook

Tweeter

LinkedIn

Google+

User

(Client Side)

Developer

(Develop Side)

AuthBucket

• (Service & Product)

N-1 Mapping 1-1 Mapping

Resources

Resources

Request (API) Request (API)

23

Development Roadmap

Alpha Release

6 Months 6 Months 6 Months

Beta Release

Public RC

24

Development Roadmap (cont.)

• 6th Months (Alpha Release)– For Developer– Simple CLI/API/SDK for multiple Webs/Apps/Devices

integration and development– Support multiple web open standard protocols such as

OAuth/SAML/OpenID/JWT/etc– Running on-premises or in the cloud– Scalable and reliable no matter how big the user base is

• Developer can save time and focus on what really matters

25

Development Roadmap (cont.)

• 12th Months (Beta Release)– For Administrator– Allow Users to authenticate securely by using

● Popular social providers such as Facebook/Twitter/LinkedIn/etc, or● Enterprise internal identity provider such as AD/LDAP/SAML/etc, or● AuthBucket locally managed user credentials

– Provides powerful reporting and analytic so Administratorcan easily see what's going on

26

Development Roadmap (cont.)

• 18th Months (Public RC)– For Users– Simple profile management with mobile-friendly Web interface– Sign into multiple Webs/Apps/Devices with single user account– Control the authorization about which Webs/Apps/Devices can

access their data– Connect with their public social network account

• User authentication and authorization is managedconsistently across the user’s device of choice

27

28

29

30

31

What's Next?

• Drupal 8.0.x + authbucket/oauth2-php– OAuth2.0 on top of core RESTful support– Utilize core user management functionality– Utilize LDAP support– Utilize 3rd party plugin system– CLI/API/SDK for simple deployment and

integration

What's Next? (cont.)

• Bootstrap + AngularJS + Cordova– Single Page Architecture– Focus on Mobile Responsive UI/UX– Functionality provided by backend CLI/API/SDK– Not only for WebApps, also as Native Apps

What's Next (cont.)

• 3rd Party Integration– SDK, e.g. WordPress/Drupal/Joomla/Moodle/etc– Social Network integration, e.g. FB/TW/G+/etc– 2-step Verification

http://authbucket.com/

What's Next (cont.)

• Fork from GitHub– Report bug– Comment with your idea– Send us Pull Request

• Subscript our mailing list

Q&A

References

• http://authbucket.com/

• https://github.com/authbucket/oauth2-php

• http://oauth2-php.authbucket.com/

• https://www.drupal.org/project/oauth2

• https://en.wikipedia.org/wiki/OAuth

• http://oauth.net/2/

• https://auth0.com/why-auth0

Thank You

• Please feel free to contact us:– PantaRei Design Limited– Unit 326, 3/F, Building 16W

No.16 Science Park West AvenueHong Kong Science Park, Shatin, N.T.

– Phone: +852 2576 3812– Fax: +852 3753 3663– Email: sales@pantarei-design.com– Web: http://pantarei-design.com