105 lines
3.4 KiB
Plaintext
105 lines
3.4 KiB
Plaintext
# Setting up accounts-sso
|
|
|
|
Accounts-SSO is the framework we are using to store secrets (tokens, passwords)
|
|
and for storing Accounts (small pieces of information containing a name,
|
|
a provider, etc).
|
|
|
|
https://accounts-sso.gitlab.io/
|
|
|
|
## Accounts
|
|
|
|
This is a fairly simply yet powerful framework, it stores all information into a
|
|
sqlite database and then propagates the modifications using dbus so all applications
|
|
using libaccounts will be aware of the modifications.
|
|
|
|
### libaccounts-glib
|
|
|
|
The first thing to compile is libaccounts-glib, which is the code implementing
|
|
all the Read/Write/Notification of Accounts:
|
|
|
|
git clone https://gitlab.com/accounts-sso/libaccounts-glib libaccounts-glib
|
|
cd libaccounts-glib
|
|
meson build
|
|
ninja -C build && ninja -C build install
|
|
|
|
### libaccounts-qt
|
|
|
|
This is the Qt bindings for libaccounts-glib, it uses qmake.
|
|
|
|
git clone https://gitlab.com/accounts-sso/libaccounts-qt libaccounts-qt
|
|
cd libaccounts-qt
|
|
qmake
|
|
make && make install
|
|
|
|
Note that at this very day libaccounts-qt qmake does **NOT** support compiling the
|
|
library outside the source directory, this means that the command qmake must be
|
|
executed within the root of libaccounts-qt and not for example in a build directory.
|
|
|
|
##SSO
|
|
|
|
Single Sign On is the part of the framework responsible for storing and obtaining
|
|
credentials. It stores the credentials in a secure way (in case of KDE within
|
|
KWallet) and has a plugin system to do authentication in most common cases such
|
|
oauth/2 or simple user and password.
|
|
|
|
An interface can be plugged into SSO, at this moment we are using ubuntu's
|
|
implementation signon-ui but that will changes in the future.
|
|
|
|
### signond
|
|
|
|
This includes a daemon that will be dbus activated and will offer a set of dbus api
|
|
to access to credentials and to authenticate to services (google/facebook oauth or
|
|
owncloud user/password). Within this same repo there is a Qt library that we'll use
|
|
in our applications to talk to the daemon.
|
|
|
|
git clone https://gitlab.com/accounts-sso/signond signond
|
|
qmake
|
|
make && make install
|
|
|
|
Note: Since signond is *dbus* activated be sure that the file
|
|
`com.google.code.AccountsSSO.SingleSignOn.service` is in a location where dbus
|
|
can find it (usually /usr/share/dbus-1/services)
|
|
|
|
### Wallet support
|
|
|
|
In order for sigond to talk to KWallet we need a plugin for it, otherwise it will
|
|
store secrets (tokens and passwords) in plain text
|
|
|
|
git clone git://anongit.kde.org/signon-kwallet-extension.git
|
|
mkdir signon-kwallet-extension/build
|
|
cd signon-kwallet-extension/build
|
|
cmake ..
|
|
make && make install
|
|
|
|
### oauth2 plugin
|
|
|
|
This plugin makes signond able to deal with oauth2 authentication
|
|
|
|
git clone https://gitlab.com/accounts-sso/signon-plugin-oauth2 signon-plugin-oauth2
|
|
mkdir signon-plugin-oauth2/build
|
|
cd signon-plugin-oauth2/build
|
|
qmake ..
|
|
make install
|
|
|
|
### signon-ui
|
|
|
|
signon-ui provides the user interface for logging-into various accounts.
|
|
|
|
git clone https://gitlab.com/accounts-sso/signon-ui signon-ui
|
|
cd signon-ui
|
|
qmake
|
|
make install
|
|
|
|
### kde providers
|
|
|
|
This are the providers and services that at this very moment we provide support for.
|
|
For example in Facebook we support Chat, Contacts Calendar... for what we need a
|
|
facebook.provider and chat/contacts/calendar.service files. This is basically a bunch
|
|
of icons and .xml files
|
|
|
|
git clone git://anongit.kde.org/kaccount-providers.git
|
|
mkdir kaccount-providers/build
|
|
cd kaccount-providers/build
|
|
cmake ..
|
|
make install
|