Authentication options for Open edX: focus on OAuth and OpenID

Apr 4, 20180 likes580 views

F. Questier, Authentication options for Open edX: focus on OAuth and OpenID, presentation for the Erasmus+ MarMOOC project, Universidade de Vigo, Spain, 04/04/2018

Federated identity: a technological overview (part II/II)
Authentication options for Open edX:
focus on OAuth and OpenID
Prof. dr. Frederik Questier
Vrije Universiteit Brussel
Presented at Universidade de Vigo, Spain, April 2018
Project No. 573583-EPP-1-2016-1-ES-EPPKA2-CBHE-SP (2016-2558/001-001)

Who needs access
to your Open edX server?

Who do you need to
authenticate / identify?
➢ Authentication: could be self-registration
➢ Identification: real name

Authentication options for Open edX: focus on OAuth and OpenID

Open edX
➢ Supported Identity Providers
➢ OAuth2, OAuth1
➢ Google, Facebook, LinkedIn, Microsoft Azure AD (365),…
➢ SAML 2 / Shibboleth
➢ Learning Tools Interoperability (LTI)
➢ Provisionally Supported Identity Providers
➢ OpenID
➢ Apache-hosted Shibboleth
➢ SSL client certificates
➢ Central Authentication Service (CAS)

Open standards
Development history
2005 2007 2012 2014
OpenID OpenID2 OpenID Connect
Oauth OAuth2

Use cases designed for?
➢ OpenID
➢ Federated authentication
➢ Login at site B with your credentials from site A (identity
provider) without giving B your password.
➢ E.g. login at edX by verifying at Google.
➢ Oauth
➢ Delegated authorization
➢ Authorize app/site B to access your data at site A without
giving B your password.
➢ E.g. allow mobile edX app access to your edX server data

In practice,
also by Open edX, ...
➢ OAuth is often abused for pseudo-authentication
➢ Possible
➢ But requires custom code for each authorization provider.
➢ Well known for the famous ones like Google and Facebook
➢ Provided by Open edX

Here is the Here you
go
Google –
The Identity Provider
Here is the Here you
go
Google –
The Identity Provider
OpenID Authentication
vs.
Pseudo-Authentication using OAuth
adapted from a drawing by @_nat_en
*valet key = limited scope
OAuth Token
& the API Provider
Who are YOU? Send me a
notarized referral letter.
Give me the valet key* to
your house (account) so
that I know you are the
owner of the house
Please issue me a
valet key* for the core APIs
valet key*
certificate
Please write a referral
stating that I'm user@gmail
name: Real Name
email: user@gmail
notary: Google
name: Real Name
email: user@gmail
notary: Google

OpenID = user-centric :)
➢ Dream: login everywhere with your preferred identity
provider or with your own URL
➢ e.g. login by writing “http://questier.com“
➢ = my server that runs openid identity server
➢ or that has rel-link to http://questier.myopenid.com

The user-centric dream killed :(
➢ 2014 MyOpenID shuts down
➢ Facebook OpenID connect → Facebook Connect
➢ 2018 Stackexchange OpenID support shuts down

Recommendation 1
Check which of these Open edX solutions
fit your institutional identity provider
➢ Supported Identity Providers
➢ OAuth2, OAuth1
➢ Google, Facebook, LinkedIn, Microsoft Azure AD (365),…
➢ SAML 2 / Shibboleth
➢ Learning Tools Interoperability (LTI)
➢ Provisionally Supported Identity Providers
➢ OpenID
➢ Apache-hosted Shibboleth
➢ SSL client certificates
➢ Central Authentication Service (CAS)

Recommendation 3
Consider if you want to identify
MarMOOC members or others

Additional copyright credits
➢
https://commons.wikimedia.org/wiki/File:OpenIDvs.Pseudo-AuthenticationusingOAuth.svg CC0
➢ Social Icons by Iconshock http://www.iconshock.com/social-icons/

This presentation was made with 100% Free Software
No animals were harmed
Questier.com
Frederik AT Questier.com
www.linkedin.com/in/fquestie
www.diigo.com/user/frederikquestier
www.slideshare.net/Frederik_Questier
Q
uestions?
Merci!

OpenID is a decentralized single sign-on system that allows users to authenticate using an identity provider of their choice instead of individual credentials for each website. It works by allowing users to claim ownership of a URI that acts as their identifier, and authenticate to websites by proving control of that URI to the identity provider rather than sharing separate credentials with each site. Ownership of the URI and choice of identity provider remains with the user, avoiding issues like username squatting and lock-in to a single provider seen in other systems.

Open learning Experiences from the MarMOOC projectFrederik Questier

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt

- The document discusses decentralized identity systems and verifiable credentials, and introduces OpenID for Verifiable Credentials as a standard for issuing and presenting verifiable credentials in a decentralized and interoperable way. - OpenID for Verifiable Credentials uses existing protocols like OAuth 2.0 and OpenID Connect to build upon established security practices. It supports various credential formats, identifier methods, and trust models to accommodate different needs. - Implementations of OpenID for Verifiable Credentials allow users to privately obtain and present verifiable credentials from multiple credential issuers to different verifiers through a digital wallet on their device or in the cloud. Standards and profiles continue to be developed to promote adoption and interoperability.

OpenID Foundation/Open Banking Workshop - OpenID Foundation OverviewMikeLeszcz

Securing .NET Core, ASP.NET Core applicationsNETUserGroupBern

This document discusses securing .NET Core and ASP.NET Core applications. It covers authentication and authorization topics like OpenID Connect, OAuth, sessions, and HTTPS. It provides an overview of authentication flows like OAuth's resource owner credentials flow and OpenID Connect's authorization code flow. It also discusses securing single page applications, Azure managed identities, and using libraries instead of rolling your own security implementation.

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt

Authentication with zend frameworkGeorge Mihailov

PayPal Access GDG DevFestPayPal

Application Security in ASP.NET CoreNETUserGroupBern

This document discusses ASP.NET Core security topics like OpenID Connect, OAuth, authentication, authorization, and policies. It provides an overview of common flows like OAuth2 resource owner credentials, OpenID Connect authorization code, and hybrid flows. It also covers implementing authorization in ASP.NET Core using policies, requirements, and handlers. Code examples for OpenID Connect hybrid flow and OAuth2 resource owner credentials flow are referenced.

OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt

Accessing APIs using OAuth on the federated (WordPress) webFelix Arntz

OAuth 2.0 is commonly used for authentication when accessing APIs from third-party applications. However, using OAuth in WordPress plugins poses unique challenges due to WordPress being distributed and open-source. The presenter introduces a "Site Kit Service" approach that centralizes client credentials to address these challenges. It generates unique site credentials per WordPress site and proxies the OAuth flow to delegate access tokens securely while meeting UX and security best practices for OAuth in WordPress plugins.

OpenID Connect ExplainedVladimir Dzhuvinov

Authorization and Authentication using IdentityServer4Aaron Ralls

This document summarizes a presentation about OAuth 2.0, OpenID Connect, and single sign-on (SSO) using IdentityServer4. It discusses the differences between authorization and authentication, provides an overview of OAuth 2.0 authorization grant types and how IdentityServer4 can implement OAuth 2.0 and OpenID Connect protocols to secure APIs, web, and mobile applications. It also lists some demos and helpful links related to implementing OAuth 2.0 and OpenID Connect with IdentityServer4.

OAuth2 and OpenID with Spring BootGeert Pante

This document discusses OAuth2 and OpenID Connect for authentication. It begins by outlining goals of understanding OAuth, OpenID Connect concepts, and integrating them with Spring Security. It then explains key OAuth2 concepts like tokens, scopes, and flows. It describes OpenID Connect and how it builds on OAuth2 to provide authentication. It provides examples of configuring Spring Security for OAuth2 and OpenID Connect login, including registering a client and configuring the application.

Auth proxy pattern on KubernetesMichał Wcisło

This document discusses authorization and authentication standards like OAuth2 and OpenID Connect and how an authorization proxy can be used to implement them on Kubernetes. It provides examples of using the authorization code flow and OpenID Connect to authenticate users and delegate access. It also discusses how authorization proxies can be used to secure access to the Kubernetes API and enable fine-grained access management with Istio.

OpenID for Verifiable CredentialsTorsten Lodderstedt

OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt

Steam Learn: HTTPS and certificates explainedinovia

Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...MysoreMuleSoftMeetup

Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Meetup #48 Event Link:- https://meetups.mulesoft.com/events/details/mulesoft-mysore-presents-configuring-single-sign-on-sso-via-identity-management/ Agenda ● Single Sign On (SSO) ● SSO Standards ● OpenID Connect vs SAML 2.0 ● OpenID Connect - Architecture ● Configuring SSO Using OIDC (Demo) ● SAML 2.0 - Architecture ● Configuring SSO Using SAML 2.0 (Demo) ● Mapping IDP Groups with Anypoint Team (Demo) ● Q & A For Upcoming Meetups Join Mysore Meetup Group - https://meetups.mulesoft.com/mysore/YouTube:- youtube.com/@mulesoftmysore Mysore WhatsApp group:- https://chat.whatsapp.com/EhqtHtCC75vCAX7gaO842N Speaker:- Vijayaraghavan Venkatadri:- https://www.linkedin.com/in/vijayaraghavan-venkatadri-b2210020/ Organizers:- Shubham Chaurasia - https://www.linkedin.com/in/shubhamchaurasia1/ Giridhar Meka - https://www.linkedin.com/in/giridharmeka Priya Shaw - https://www.linkedin.com/in/priya-shaw

Authenticator and provisioning connector in wso2 Identity ServerRajendram Kathees

WSO2 Identity Server (IS) allows for authentication using various authenticators including social network identities, multi-factor authentication, and federated identities. It supports single sign-on, federated identity, user provisioning and management. The document discusses authenticators in WSO2 IS like OAuth2/OpenID Connect, SAML SSO, and multi-factor authenticators. It also covers features like configurable authentication flows, just-in-time user provisioning and management capabilities in WSO2 IS.

OAuth 2.0 marcwan

This document discusses migrating from ClientLogin to OAuth 2.0 for authentication with Google APIs. It provides an overview of OAuth 2.0, including that it is more secure than ClientLogin by not exposing passwords and allowing token revocation. It also outlines the steps to implement OAuth 2.0 using the web server flow, including getting credentials from the Google APIs console and using refresh tokens to automatically renew expired access tokens. Code examples are provided to demonstrate authorization and connecting to APIs using OAuth 2.0 credentials.

OAuth2 Best Practices in Native AppsJeff Fontas

Codemash-2017Kevin Cody

This document provides an overview of authentication and authorization with federated identity services. It defines key concepts like authentication vs authorization, federated identity, assertions, OpenID, OAuth, Active Directory Federation Services, OpenID Connect, Security Assertion Markup Language, JSON Web Tokens, and FIDO U2F. It also discusses user experience wins, threat modeling considerations, example attacks to consider, and questions from the audience.

Keeping Pace with OAuth’s Evolving Security Practices.pdfSirris

Authenticator and provisioning connector in wso2 isH Mohammed Rajjaz

This document provides an overview of authentication and provisioning connectors in WSO2 Identity Server (IS). It discusses bringing your own identity through social network and open API integration. It also describes WSO2 IS as a 5th generation identity management product that supports single sign-on, federated identity, user provisioning and management through configurable authentication flows. Key features include built-in and custom authenticators, multi-factor authentication, just-in-time user provisioning, and extensible integration with user stores.

Implementing OpenID for Your Social Networking SiteDavid Keener

There are thousands of social networking sites, each with their own unique sign-on systems. How many user names and passwords do you really want to remember? Wouldn't it be nice if you could have a single sign-on that you could use on all of the sites that you frequent? OpenID is an open-source, decentralized sign-on technology that promises this and more. Find out how to implement OpenID for a web site using Ruby on Rails.

Openid+OpensocialSebastiano Merlino (eTr)

Free Libre Open Source Software DevelopmentFrederik Questier

This document provides an overview of Free Libre Open Source Software (FLOSS) development. It discusses what FLOSS is, why to use and develop FLOSS, and how FLOSS is developed. FLOSS development is described as an open, collaborative process done within communities internationally. Developers work together decentralizedly using tools like mailing lists, version control systems, and bug trackers. New contributors start by engaging with communities, submitting issues and patches. Community leadership focuses on meritocracy, autonomy, and delegating tasks. Challenges to Cuban participation include internet access and license decisions, but these may be addressed through solutions.

OER & CopyrightsFrederik Questier

More Related Content

Similar to Authentication options for Open edX: focus on OAuth and OpenID (20)

PayPal Access GDG DevFestPayPal

Application Security in ASP.NET CoreNETUserGroupBern

OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt

Accessing APIs using OAuth on the federated (WordPress) webFelix Arntz

OpenID Connect ExplainedVladimir Dzhuvinov

Authorization and Authentication using IdentityServer4Aaron Ralls

OAuth2 and OpenID with Spring BootGeert Pante

Auth proxy pattern on KubernetesMichał Wcisło

OpenID for Verifiable CredentialsTorsten Lodderstedt

OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt

Steam Learn: HTTPS and certificates explainedinovia

Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...MysoreMuleSoftMeetup

Authenticator and provisioning connector in wso2 Identity ServerRajendram Kathees

OAuth 2.0 marcwan

OAuth2 Best Practices in Native AppsJeff Fontas

Codemash-2017Kevin Cody

Keeping Pace with OAuth’s Evolving Security Practices.pdfSirris

Authenticator and provisioning connector in wso2 isH Mohammed Rajjaz

Implementing OpenID for Your Social Networking SiteDavid Keener

Openid+OpensocialSebastiano Merlino (eTr)

PayPal Access GDG DevFestPayPal

Application Security in ASP.NET CoreNETUserGroupBern

OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt

Accessing APIs using OAuth on the federated (WordPress) webFelix Arntz

OpenID Connect ExplainedVladimir Dzhuvinov

Authorization and Authentication using IdentityServer4Aaron Ralls

OAuth2 and OpenID with Spring BootGeert Pante

Auth proxy pattern on KubernetesMichał Wcisło

OpenID for Verifiable CredentialsTorsten Lodderstedt

OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt

Steam Learn: HTTPS and certificates explainedinovia

Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...MysoreMuleSoftMeetup

Authenticator and provisioning connector in wso2 Identity ServerRajendram Kathees

OAuth 2.0 marcwan

OAuth2 Best Practices in Native AppsJeff Fontas

Codemash-2017Kevin Cody

Keeping Pace with OAuth’s Evolving Security Practices.pdfSirris

Authenticator and provisioning connector in wso2 isH Mohammed Rajjaz

Implementing OpenID for Your Social Networking SiteDavid Keener

Openid+OpensocialSebastiano Merlino (eTr)

More from Frederik Questier (20)

Free Libre Open Source Software DevelopmentFrederik Questier

OER & CopyrightsFrederik Questier

Plagiarism prevention and detectionFrederik Questier

This document summarizes a presentation on plagiarism prevention and detection. It defines plagiarism as using another's work without attribution. While not a legal crime, plagiarism is considered an academic offense. Both prevention through education and detection methods have limitations. Detection tools can be fooled and incorrectly flag original work. The best prevention strategies involve thorough education of students about proper citation and encouraging writing practices that promote original thought. Overall the presentation argues for focusing on prevention over problematic detection approaches.

FLOSS strategies & policiesFrederik Questier

This presentation discusses strategies and policies for promoting free/libre and open source software (FLOSS) in research and education. It provides a brief history of FLOSS, outlines reasons to use and develop FLOSS, and describes perceived barriers to adoption. It also summarizes a study on FLOSS knowledge, perceptions and adoption in Flemish schools, which developed a conceptual model of acceptance factors. The presentation concludes with recommendations for FLOSS policies and strategies for institutional migrations to FLOSS.

Computer & Data SecurityFrederik Questier

Here are some ways I would optimize the backup strategy: - Only back up data directories instead of entire hard disks to reduce backup size and time. - Stagger backups throughout the night instead of all at once to avoid overloading the network. - Store backups offsite as well as on the NAS for disaster recovery in case the onsite storage is damaged. - Consider cloud backup services for additional offsite storage. - Encrypt backups for security and confidentiality. - Test restores periodically to validate backups are working properly. - Consider versioning backups to allow restoration of previous file versions. - Automate verification of backups to catch any failures or corrupt backups. - Review

Open e-learning - MarMOOC experiences - CubaFrederik Questier

Open learning experiences from the MarMOOC project presented at BDUFrederik Questier

Open learning Experiences from the MarMOOC project (presented at UHo)Frederik Questier

FLOSS developmentFrederik Questier

E-learning design models - Primer for (educational) technologistsFrederik Questier

MOOCs & OpennessFrederik Questier

New learning paradigms and learning technologiesFrederik Questier

This document discusses new learning paradigms and technologies that can improve education. It suggests universities should change how they educate students to better prepare them for an unknown future with rapid technological changes. Modern teaching approaches are more student-centered, collaborative, and focus on developing skills for lifelong learning compared to traditional teaching. Educational technologies can augment teaching by supporting complex, contextualized learning activities. The document outlines strategies universities can take to promote educational innovation, such as establishing an innovation center, formalizing collaboration between faculties, and developing an educational vision.

Free Libre And Open Source Software Acceptance in The Cuban Higher Educationa...Frederik Questier

Students' Experiential Knowledge Production in the Teaching-Learning Process ...Frederik Questier

Institutional strategies for educational innovation and e-learningFrederik Questier

This presentation discusses strategies for educational innovation and e-learning at Jimma University in Ethiopia. It recommends establishing an educational innovation center to provide resources and training to teaching staff. It also suggests formalizing contact with each faculty through an educational innovation committee and collaborating with educational researchers. Performing needs analyses of teachers and disseminating best practices are also presented as ways to support the adoption of innovative teaching methods using information and communication technologies.

New learning paradigms and technologiesFrederik Questier

This presentation discusses new learning paradigms and technologies. It begins by noting that the future is unpredictable and students today may not realize how much their professional lives will change. It then discusses trends like the technological singularity, increasing connectivity through devices and the internet of things, and how information abundance has replaced scarcity. The presentation advocates preparing students for this unknown future by focusing on skills like social skills, creativity, and lifelong learning rather than only transmitting knowledge. It also promotes active, collaborative, and constructionist approaches to learning over passive absorption of knowledge.

Free & Open Source Software (2017 update)Frederik Questier

This document provides an overview of free and open source software (FOSS). It discusses the history of software sharing and development, the rise of proprietary software, and the free software movement started by Richard Stallman. FOSS tools like Linux have seen widespread adoption and now dominate areas like web servers and supercomputing. The document examines motivations for using FOSS such as cost savings, security, and avoiding vendor lock-in. It also discusses the competitive advantages that FOSS provides for both individuals and institutions.

Challenges for 21st century education and blended learningFrederik Questier

FLOSS & OERFrederik Questier

This presentation discusses Free and Open Source Software (FOSS). It begins with a brief history of software development and the early days of sharing source code. It then covers the definitions of free software, open source software, and different software licenses. Examples are given of the success and widespread adoption of Linux and open source browsers and office suites. Strategies for effective use of FOSS in academic environments are discussed, along with open content and OER. Reasons why individuals and institutions should use FOSS include control, security, avoidance of lock-in, cross-platform use, fun and learning, involvement of students, and reduced costs. The presentation concludes by discussing business opportunities involving FOSS.

(Disruptive) innovations: education and societyFrederik Questier

Free Libre Open Source Software DevelopmentFrederik Questier

OER & CopyrightsFrederik Questier

Plagiarism prevention and detectionFrederik Questier

FLOSS strategies & policiesFrederik Questier

Computer & Data SecurityFrederik Questier

Open e-learning - MarMOOC experiences - CubaFrederik Questier

Open learning experiences from the MarMOOC project presented at BDUFrederik Questier

Open learning Experiences from the MarMOOC project (presented at UHo)Frederik Questier

FLOSS developmentFrederik Questier

E-learning design models - Primer for (educational) technologistsFrederik Questier

MOOCs & OpennessFrederik Questier

New learning paradigms and learning technologiesFrederik Questier

Free Libre And Open Source Software Acceptance in The Cuban Higher Educationa...Frederik Questier

Students' Experiential Knowledge Production in the Teaching-Learning Process ...Frederik Questier

Institutional strategies for educational innovation and e-learningFrederik Questier

New learning paradigms and technologiesFrederik Questier

Free & Open Source Software (2017 update)Frederik Questier

Challenges for 21st century education and blended learningFrederik Questier

FLOSS & OERFrederik Questier

(Disruptive) innovations: education and societyFrederik Questier

Recently uploaded (20)

Quality Contril Analysis of Containers.pdfDr. Bindiya Chauhan

Presentation of the MIPLM subject matter expert Erdem KayaMIPLM

Sinhala_Male_Names.pdf Sinhala_Male_Namekeshanf79

New Microsoft PowerPoint Presentation.pptxmilanasargsyan5

K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schoolsdogden2

Algebra 1 is often described as a “gateway” class, a pivotal moment that can shape the rest of a student’s K–12 education. Early access is key: successfully completing Algebra 1 in middle school allows students to complete advanced math and science coursework in high school, which research shows lead to higher wages and lower rates of unemployment in adulthood. Learn how The Atlanta Public Schools is using their data to create a more equitable enrollment in middle school Algebra classes.

Anti-Depressants pharmacology 1slide.pptxMayuri Chavan

Unit 6_Introduction_Phishing_Password Cracking.pdfKanchanPatil34

To study the nervous system of insect.pptxArshad Shaikh

The *nervous system of insects* is a complex network of nerve cells (neurons) and supporting cells that process and transmit information. Here's an overview: Structure 1. *Brain*: The insect brain is a complex structure that processes sensory information, controls behavior, and integrates information. 2. *Ventral nerve cord*: A chain of ganglia (nerve clusters) that runs along the insect's body, controlling movement and sensory processing. 3. *Peripheral nervous system*: Nerves that connect the central nervous system to sensory organs and muscles. Functions 1. *Sensory processing*: Insects can detect and respond to various stimuli, such as light, sound, touch, taste, and smell. 2. *Motor control*: The nervous system controls movement, including walking, flying, and feeding. 3. *Behavioral responThe *nervous system of insects* is a complex network of nerve cells (neurons) and supporting cells that process and transmit information. Here's an overview: Structure 1. *Brain*: The insect brain is a complex structure that processes sensory information, controls behavior, and integrates information. 2. *Ventral nerve cord*: A chain of ganglia (nerve clusters) that runs along the insect's body, controlling movement and sensory processing. 3. *Peripheral nervous system*: Nerves that connect the central nervous system to sensory organs and muscles. Functions 1. *Sensory processing*: Insects can detect and respond to various stimuli, such as light, sound, touch, taste, and smell. 2. *Motor control*: The nervous system controls movement, including walking, flying, and feeding. 3. *Behavioral responses*: Insects can exhibit complex behaviors, such as mating, foraging, and social interactions. Characteristics 1. *Decentralized*: Insect nervous systems have some autonomy in different body parts. 2. *Specialized*: Different parts of the nervous system are specialized for specific functions. 3. *Efficient*: Insect nervous systems are highly efficient, allowing for rapid processing and response to stimuli. The insect nervous system is a remarkable example of evolutionary adaptation, enabling insects to thrive in diverse environments. The insect nervous system is a remarkable example of evolutionary adaptation, enabling insects to thrive

P-glycoprotein pamphlet: iteration 4 of 4 finalbs22n2s

SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxRonisha Das

CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetSritoma Majumder

Introduction All the materials around us are made up of elements. These elements can be broadly divided into two major groups: Metals Non-Metals Each group has its own unique physical and chemical properties. Let's understand them one by one. Physical Properties 1. Appearance Metals: Shiny (lustrous). Example: gold, silver, copper. Non-metals: Dull appearance (except iodine, which is shiny). 2. Hardness Metals: Generally hard. Example: iron. Non-metals: Usually soft (except diamond, a form of carbon, which is very hard). 3. State Metals: Mostly solids at room temperature (except mercury, which is a liquid). Non-metals: Can be solids, liquids, or gases. Example: oxygen (gas), bromine (liquid), sulphur (solid). 4. Malleability Metals: Can be hammered into thin sheets (malleable). Non-metals: Not malleable. They break when hammered (brittle). 5. Ductility Metals: Can be drawn into wires (ductile). Non-metals: Not ductile. 6. Conductivity Metals: Good conductors of heat and electricity. Non-metals: Poor conductors (except graphite, which is a good conductor). 7. Sonorous Nature Metals: Produce a ringing sound when struck. Non-metals: Do not produce sound. Chemical Properties 1. Reaction with Oxygen Metals react with oxygen to form metal oxides. These metal oxides are usually basic. Non-metals react with oxygen to form non-metallic oxides. These oxides are usually acidic. 2. Reaction with Water Metals: Some react vigorously (e.g., sodium). Some react slowly (e.g., iron). Some do not react at all (e.g., gold, silver). Non-metals: Generally do not react with water. 3. Reaction with Acids Metals react with acids to produce salt and hydrogen gas. Non-metals: Do not react with acids. 4. Reaction with Bases Some non-metals react with bases to form salts, but this is rare. Metals generally do not react with bases directly (except amphoteric metals like aluminum and zinc). Displacement Reaction More reactive metals can displace less reactive metals from their salt solutions. Uses of Metals Iron: Making machines, tools, and buildings. Aluminum: Used in aircraft, utensils. Copper: Electrical wires. Gold and Silver: Jewelry. Zinc: Coating iron to prevent rusting (galvanization). Uses of Non-Metals Oxygen: Breathing. Nitrogen: Fertilizers. Chlorine: Water purification. Carbon: Fuel (coal), steel-making (coke). Iodine: Medicines. Alloys An alloy is a mixture of metals or a metal with a non-metal. Alloys have improved properties like strength, resistance to rusting.

How to Set warnings for invoicing specific customers in odooCeline George

World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...larencebapu132

Introduction to Vibe Coding and Vibe EngineeringDamian T. Gordon

pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulsesushreesangita003

Social Problem-Unemployment .pptx notes for Physiotherapy StudentsDrNidhiAgarwal

Unemployment is a major social problem, by which not only rural population have suffered but also urban population are suffered while they are literate having good qualification.The evil consequences like poverty, frustration, revolution result in crimes and social disorganization. Therefore, it is necessary that all efforts be made to have maximum. employment facilities. The Government of India has already announced that the question of payment of unemployment allowance cannot be considered in India

2541William_McCollough_DigitalDetox.docxcontactwilliamm2546

Geography Sem II Unit 1C Correlation of Geography with other school subjectsProfDrShaikhImran

YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYale School of Public Health - The Virtual Medical Operations Center (VMOC)

A measles outbreak originating in West Texas has been linked to confirmed cases in New Mexico, with additional cases reported in Oklahoma and Kansas. The current case count is 795 from Texas, New Mexico, Oklahoma, and Kansas. 95 individuals have required hospitalization, and 3 deaths, 2 children in Texas and one adult in New Mexico. These fatalities mark the first measles-related deaths in the United States since 2015 and the first pediatric measles death since 2003. The YSPH Virtual Medical Operations Center Briefs (VMOC) were created as a service-learning project by faculty and graduate students at the Yale School of Public Health in response to the 2010 Haiti Earthquake. Each year, the VMOC Briefs are produced by students enrolled in Environmental Health Science Course 581 - Public Health Emergencies: Disaster Planning and Response. These briefs compile diverse information sources – including status reports, maps, news articles, and web content– into a single, easily digestible document that can be widely shared and used interactively. Key features of this report include: - Comprehensive Overview: Provides situation updates, maps, relevant news, and web resources. - Accessibility: Designed for easy reading, wide distribution, and interactive use. - Collaboration: The “unlocked" format enables other responders to share, copy, and adapt seamlessly. The students learn by doing, quickly discovering how and where to find critical information and presenting it in an easily understood manner.

UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYDR.PRISCILLA MARY J

Quality Contril Analysis of Containers.pdfDr. Bindiya Chauhan

Presentation of the MIPLM subject matter expert Erdem KayaMIPLM

Sinhala_Male_Names.pdf Sinhala_Male_Namekeshanf79

New Microsoft PowerPoint Presentation.pptxmilanasargsyan5

K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schoolsdogden2

Anti-Depressants pharmacology 1slide.pptxMayuri Chavan

Unit 6_Introduction_Phishing_Password Cracking.pdfKanchanPatil34

To study the nervous system of insect.pptxArshad Shaikh

P-glycoprotein pamphlet: iteration 4 of 4 finalbs22n2s

SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxRonisha Das

CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetSritoma Majumder

How to Set warnings for invoicing specific customers in odooCeline George

World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...larencebapu132

Introduction to Vibe Coding and Vibe EngineeringDamian T. Gordon

pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulsesushreesangita003

Social Problem-Unemployment .pptx notes for Physiotherapy StudentsDrNidhiAgarwal

2541William_McCollough_DigitalDetox.docxcontactwilliamm2546

Geography Sem II Unit 1C Correlation of Geography with other school subjectsProfDrShaikhImran

YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYale School of Public Health - The Virtual Medical Operations Center (VMOC)

UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYDR.PRISCILLA MARY J

Authentication options for Open edX: focus on OAuth and OpenID

1. Federated identity: a technological overview (part II/II) Authentication options for Open edX: focus on OAuth and OpenID Prof. dr. Frederik Questier Vrije Universiteit Brussel Presented at Universidade de Vigo, Spain, April 2018 Project No. 573583-EPP-1-2016-1-ES-EPPKA2-CBHE-SP (2016-2558/001-001)

2. Who needs access to your Open edX server?

3. Who needs access to your Open edX server?

4. Who do you need to authenticate / identify? ➢ Authentication: could be self-registration ➢ Identification: real name

10. Open edX ➢ Supported Identity Providers ➢ OAuth2, OAuth1 ➢ Google, Facebook, LinkedIn, Microsoft Azure AD (365),… ➢ SAML 2 / Shibboleth ➢ Learning Tools Interoperability (LTI) ➢ Provisionally Supported Identity Providers ➢ OpenID ➢ Apache-hosted Shibboleth ➢ SSL client certificates ➢ Central Authentication Service (CAS)

11. Open standards Development history 2005 2007 2012 2014 OpenID OpenID2 OpenID Connect Oauth OAuth2

12. is an authentication layer on top of

14. Use cases designed for? ➢ OpenID ➢ Federated authentication ➢ Login at site B with your credentials from site A (identity provider) without giving B your password. ➢ E.g. login at edX by verifying at Google. ➢ Oauth ➢ Delegated authorization ➢ Authorize app/site B to access your data at site A without giving B your password. ➢ E.g. allow mobile edX app access to your edX server data

15. In practice, also by Open edX, ... ➢ OAuth is often abused for pseudo-authentication ➢ Possible ➢ But requires custom code for each authorization provider. ➢ Well known for the famous ones like Google and Facebook ➢ Provided by Open edX

16. Here is the Here you go Google – The Identity Provider Here is the Here you go Google – The Identity Provider OpenID Authentication vs. Pseudo-Authentication using OAuth adapted from a drawing by @_nat_en *valet key = limited scope OAuth Token & the API Provider Who are YOU? Send me a notarized referral letter. Give me the valet key* to your house (account) so that I know you are the owner of the house Please issue me a valet key* for the core APIs valet key* certificate Please write a referral stating that I'm user@gmail name: Real Name email: user@gmail notary: Google name: Real Name email: user@gmail notary: Google

17. OpenID = user-centric :) ➢ Dream: login everywhere with your preferred identity provider or with your own URL ➢ e.g. login by writing “http://questier.com“ ➢ = my server that runs openid identity server ➢ or that has rel-link to http://questier.myopenid.com

18. The user-centric dream killed :( ➢ 2014 MyOpenID shuts down ➢ Facebook OpenID connect → Facebook Connect ➢ 2018 Stackexchange OpenID support shuts down

21. Recommendation 1 Check which of these Open edX solutions fit your institutional identity provider ➢ Supported Identity Providers ➢ OAuth2, OAuth1 ➢ Google, Facebook, LinkedIn, Microsoft Azure AD (365),… ➢ SAML 2 / Shibboleth ➢ Learning Tools Interoperability (LTI) ➢ Provisionally Supported Identity Providers ➢ OpenID ➢ Apache-hosted Shibboleth ➢ SSL client certificates ➢ Central Authentication Service (CAS)

22. Recommendation 2 Check Open edX manual

23. Recommendation 3 Consider if you want to identify MarMOOC members or others

24. Additional copyright credits ➢ https://commons.wikimedia.org/wiki/File:OpenIDvs.Pseudo-AuthenticationusingOAuth.svg CC0 ➢ Social Icons by Iconshock http://www.iconshock.com/social-icons/

25. This presentation was made with 100% Free Software No animals were harmed Questier.com Frederik AT Questier.com www.linkedin.com/in/fquestie www.diigo.com/user/frederikquestier www.slideshare.net/Frederik_Questier Q uestions? Merci!

Authentication options for Open edX: focus on OAuth and OpenID

Recommended

More Related Content

Similar to Authentication options for Open edX: focus on OAuth and OpenID (20)

More from Frederik Questier (20)

Recently uploaded (20)

Authentication options for Open edX: focus on OAuth and OpenID