MediaWiki API result

This is the HTML representation of the JSON format. HTML is good for debugging, but is unsuitable for application use.

Specify the format parameter to change the output format. To see the non-HTML representation of the JSON format, set format=json.

See the complete documentation, or the API help for more information. 

{
    "batchcomplete": "",
    "continue": {
        "gapcontinue": "Resume.app",
        "continue": "gapcontinue||"
    },
    "warnings": {
        "main": {
            "*": "Subscribe to the mediawiki-api-announce mailing list at <https://lists.wikimedia.org/postorius/lists/mediawiki-api-announce.lists.wikimedia.org/> for notice of API deprecations and breaking changes."
        },
        "revisions": {
            "*": "Because \"rvslots\" was not specified, a legacy format has been used for the output. This format is deprecated, and in the future the new format will always be used."
        }
    },
    "query": {
        "pages": {
            "6690": {
                "pageid": 6690,
                "ns": 0,
                "title": "RelMeAuth",
                "revisions": [
                    {
                        "contentformat": "text/x-wiki",
                        "contentmodel": "wikitext",
                        "*": "[[RelMeAuth]] is a proposed open standard for using [[rel-me]] links to profiles on [[OAuth]] supporting services to authenticate via either those profiles or your own site.\n\nRelMeAuth is the technology behind [[web-sign-in]].\n\n<div class=\"vcard\">\n; <span class=\"role\">Editor</span> \n: <span class=\"fn\">[[User:Tantek|Tantek \u00c7elik]]</span> (<span class=\"url\">http://tantek.com/</span>)\n</div>\n\n== support RelMeAuth ==\n=== users ===\nSee [[web-sign-in]]\n\nHere's a more technical explanation:\n\n'''Use [[rel-me|rel=\"me\"]] on your personal site, and enter your personal site as your web address on sites with [[web-sign-in]] (RelMeAuth).'''\n\nSteps:\n\n'''1. Add [[rel-me|rel=\"me\"]] links to your other profiles.'''\n\nAdd [[rel-me|rel=\"me\"]] to links from your home page to your various profiles on other services.\n\n'''2. Edit your other profiles to link back to your site.'''\n\nEdit your other profiles and set their \"home page\" or \"personal site\" or \"URL\" field to your personal site.\n\nHere's a [[hcard-xfn-supporting-friends-lists#Services_with_XFN_rel.3D.22me.22_to_one_external_site|list of profile sites that have URL fields and support rel-me]]. \n\n'''3. There is no step 3. You're done.'''\n\nNow on any site that uses (Web sign-in) / RelMeAuth login (e.g. try [http://tantek.com/relmeauth/ the RelMeAuth prototype]), simply enter your personal site URL, and that site's RelMeAuth code will sign you in by authenticating you with one of the social profiles that you've linked to (e.g. Twitter).\n\n==== examples in the wild ====\n===== simple home page =====\n\nTantek's home page http://tantek.com/ has (simplified markup)\n<syntaxhighlight lang=\"html\">\n<ul>\n<li><a rel=\"me\" href=\"http://twitter.com/t\">Twitter: @t</a></li>\n<li><a rel=\"me\" href=\"http://identi.ca/t\">identi.ca: t</a></li>\n</ul>\n</syntaxhighlight>\n\n=== users with separate contact pages ===\n\n'''But what if I prefer to have a separate contact or about page with my links to other profiles?'''\n\nIf you prefer a simpler home page and have it link to a separate contact page that links to your other profiles, then\n\n# add [[rel-me|rel=\"me\"]] to the link from your home page to your contact page\n# add [[rel-me|rel=\"me\"]] to links from your contact page to those other profiles\n\n\n==== more examples in the wild ====\n===== separate contact page =====\n\nJeremy Keith's home page http://adactio.com/ has (simplified markup)\n<syntaxhighlight lang=\"html\">\n<ul>\n<li><a rel=\"me\" href=\"/journal/\">Journal</a></li>\n<li><a rel=\"me\" href=\"/contact/\">Contact</a></li>\n</ul>\n</syntaxhighlight>\n\nand then also:\n\nhttp://adactio.com/journal/ has (simplified markup)\n<syntaxhighlight lang=\"html\">\n<ul>\n<li><a rel=\"me\" href=\"http://huffduffer.com/adactio/\">Huffduffer</a></li>\n<li><a rel=\"me\" href=\"http://twitter.com/adactio/\">Twitter</a></li>\n<li><a rel=\"me\" href=\"http://adactio.tumblr.com/\">Tumblr</a></li>\n<li><a rel=\"me\" href=\"http://www.last.fm/user/adactio/\">Last.fm</a></li>\n<li><a rel=\"me\" href=\"http://www.dopplr.com/traveller/adactio/public\">Dopplr</a></li>\n<li><a rel=\"me\" href=\"http://www.vimeo.com/user196031\">Vimeo</a></li>\n<li><a rel=\"me\" href=\"http://ffffound.com/home/adactio/found/\">Ffffound</a></li>\n<li><a rel=\"me\" href=\"http://readernaut.com/adactio\">Readernaut</a></li>\n<li><a rel=\"me\" href=\"http://97bottles.com/people/adactio/\">97 Bottles</a></li>\n</ul>\n</syntaxhighlight>\n\n==== authentication preference ====\nIf you have a specific preference for what service(s) to authenticate with, just make sure that you list links to your profiles on those other services in preference order (on your home page or contact page as described above).\n\n=== profile sites ===\nDo you run a site with profiles?\n\nAny social network site or similar site that has user profile pages should:\n# provide a [[user interface]] for a user to enter and publicly publish a URL back to their home page\n# publish a visible link with [[rel-me|rel=\"me\"]] from user's profile page to their personal home page\n\nMost [[hcard-xfn-supporting-friends-lists#Services_with_XFN_rel.3D.22me.22_to_one_external_site|sites already do this]]. \n\n=== authentication sites ===\nDo you run a site with user profiles that you want to let your users use to login to other sites?\n\nIn addition to supporting rel-me as [[#profile_sites|described above]]:\n\nAny site that wants to allow users to login with their credentials from that site on 3rd party sites should:\n# Support [[OAuth]] (2.0 even)\n# Follow Twitter's conventions for:\n#* endpoint paths and other protocol details\n#* mimic Twitter's user interface for authentication flow (on both desktop and mobile - they've done a great job)\n\n==== RelMeAuth providers ====\nSites that support both [[rel-me]] and are also [[OAuth]] providers:\n\n* Twitter ([http://apiwiki.twitter.com/OAuth-Examples Twitter OAuth Examples])\n* Google Profiles ([http://sites.google.com/site/oauthgoog/ Google OAuth documentation])\n* Identi.ca (uses the same endpoint paths/details as Twitter)\n* Github ([http://developer.github.com/v3/oauth/ Github OAuth 2 documentation])\n* ...\n\n=== sites needing a user login ===\nDo you have a site and want to let users login with their own identity?\n\nAny site that wants to let users login with their own identity should:\n# provide a user interface for users to enter or choose their preferred online identity (e.g. their own URL)\n# perform RelMeAuth authentication as described below\n\n== how it works ==\n=== summary algorithm ===\nSummary of the RelMeAuth authentication algorithm\n\n* input: a user identity (URL) to authenticate\n* output: success or cancel authentication or no authenticatable URLs found\n\n# start with a user identity URL (e.g from the UI, or from a cookie from previous login etc.)\n# iterate through their outbound rel-me links on the user identity URL (and any rel-me local subpages if necessary)\n## if\n### a rel-me destination is up (HTTP Get succeeded, following any redirects)\n### and rel-me links back to user identity URL\n### and has OAuth endpoint\n### then do OAuth authentication\n### if authentication succeeded, you're done, the user has been been authenticated with the user identity URL, exit\n### if it was rejected, the user canceled, thus cancel the entire authentication process, exit \n## continue iteration with the next rel-me link if any\n# no authenticatable URLs found (either none at all, or any provided had some other error, 404, no response, no OAuth endpoint, other OAuth error)\n\n=== detailed algorithm ===\n{{main|relmeauth-algorithms}}\n\n* input: a user identity (URL) to authenticate\n* output: success or cancel authentication or no authenticatable URLs found\n\n# start with a user identity URL (e.g from the UI, or from a cookie from previous login etc.)\n## if the identity URL is not user-owned (i.e. at a known silo domain), \n## then\n### the implementation should not accept it, and await user correction of the URL\n### the implementation may accept 1-2 silo domains for testing or demonstration purposes\n# if the URL is an IndieAuth provider \n# then try authenticating with it (we prefer the user's own site for auth)\n## if it succeeds, exit\n## if canceled, exit\n## otherwise continue\n# iterate through their outbound rel-me links on the user identity URL (first through direct rel-me links to external sites in order, then iterate through URLs deeper into the personal site in order, e.g. to a contacts page, and iterate through rel-me links from there to external sites in order, then the next breadth-first local rel-me page from the identity URL if necessary)\n## if\n### a rel-me destination is up (HTTP Get succeeded, following any redirects)\n### and rel-me links back to the user identity URL\n### and has OAuth endpoint\n### then do OAuth authentication\n### if authentication succeeded, you're done, the user has been been authenticated with the user identity URL, exit\n### if it was rejected, the user canceled, thus cancel the entire authentication process, exit \n## continue iteration with the next rel-me link if any\n# no authenticatable URLs found (either none at all, or any provided had some other error, 404, no response, no OAuth endpoint, other OAuth error)\n\n== Error Cases ==\n\nDocument things which can go wrong during the relmeauth process along with real world examples and what message should be shown to the end user to help them fix it.\n\nLet '''rel-me-url''' be the URL given by the user.\n\n'''The rel-me-url redirect chain includes a redirect where the scheme changes'''\n* Example: http://brennannovak.com redirects to https://brennannovak.com\n* Why is this a problem? \u2026 explain vulnerabilities for both directions here\n* What message should be presented to the user? Two cases:\n** If the insecure redirect only changed the scheme (as in the above example), tell them that they need to enter the https:// version of the URL\n*** Would it be acceptable to automatically restart the process using the secure URL? --[[User:Barnabywalters|bw]] 10:16, 8 October 2013 (UTC)\n*** What warning to give if a https:// URL redirects to a http:// URL? --[[User:Barnabywalters|bw]] 10:16, 8 October 2013 (UTC)\n** Otherwise, let them know there was an insecure redirect, as well as what it was. Bonus: explain how MITM attacks work and why they\u2019re dangerous\n\n'''A reverse rel-me link\u2019s redirect chain includes a redirect where the scheme changes'''\n* Example: \u2026\n* Why is this a problem? \u2026\n* What message should be presented to the user?\n\n== open source implementations ==\nThere are a couple of open source libraries that sites can use to implement RelMeAuth so their users can login using their own identities.\n\n=== Go ===\n* https://github.com/hawx/relme-auth\n** Live demo site: https://auth.hawx.me/\n\n=== Node.js ===\n* https://www.npmjs.com/package/relmeauth\n* https://github.com/superfeedr/node-relmeauth\n\n=== Python ===\n* [http://github.com/ptarjan/relmeauth Python RelMeAuth] by Paul Tarjan and Jeff Lindsay\n\n=== PHP ===\n* [http://github.com/themattharris/relmeauth PHP RelMeAuth] by Matt Harris and Tantek \u00c7elik\n** Live demo sites: \n*** http://tantek.com/relmeauth/\n*** http://apps.themattharris.com/relmeauth/ (2022-09-15: site appears to be dead)\n\n=== Ruby ===\n* [https://github.com/aaronpk/IndieAuth.com IndieAuth.com] (deprecated) by Aaron Parecki contains Ruby code for performing RelMeAuth authentication\n** To Do: Separate Ruby gem for Ruby implementation of RelMeAuth\n\n== to do ==\n* update [[web-sign-in]] with some screenshots of  auth screens (e.g. Twitter's OAuth flow with auth/read-only request, no write perms), or a picture of a lock or something.\n* create an Architecture Diagram for RelMeAuth per [http://blog.mozilla.org/security/2012/05/08/speeding-up-security-reviews/ Mozilla Security Blog: Speeding Up Security Reviews]\n* create a Detailed Application Diagram for RelMeAuth per the same[http://blog.mozilla.org/security/2012/05/08/speeding-up-security-reviews/].\n* write-up Data flow enumeration per the same[http://blog.mozilla.org/security/2012/05/08/speeding-up-security-reviews/].\n* write-up a Threat Analysis per the same[http://blog.mozilla.org/security/2012/05/08/speeding-up-security-reviews/].\n* resolve and close issues (see below).\n\n== issues ==\nIf this gets too long, we can move it to [[relmeauth-issues]]. As issues are resolved/closed, please move them to [[relmeauth-issues-resolved]]/[[relmeauth-issues-closed]] respectively.\n<div class=\"issues\">\n* How do you find the OAuth endpoint for any given user profile site/service? -[[User:Tantek|Tantek]]\n** Use OAuth 2.0 discovery mechanism if supported\n** Use a whitelist of provider site to OAuth endpoint\n** Try the Twitter OAuth endpoint paths on other sites to see if they work - assuming that many OAuth providers will simply mimic Twitter's example as suggested.\n*** This discovery by convention technique will work for example on:\n**** http://identi.ca/\n\n* How do you get an appID to use with any given site's OAuth? -[[User:Tantek|Tantek]]\n** This appears to still be a manual process, per site, and thus a legitimate limitation of RelMeAuth in comparison to say [[OpenID]].\n*** Some services are supporting appkey/secret pair anonymous/anonymous for mobile/desktop apps already.  Unsure how popular this is [[User:Singpolyma|Singpolyma]] 13:51, 23 April 2010 (UTC)\n\n* OAuth is for authorization, and as such gives the site I'm ident asserting to access to my account on the id service.  This is very bad.  Suggested solution: use OpenID instead. [[User:Singpolyma|Singpolyma]] 13:51, 23 April 2010 (UTC)\n** OAuth actually suggests granularity in access rather than blanket access ([http://tools.ietf.org/html/draft-hammer-oauth-10 OAuth IETF draft, see Sec 4.8]): <blockquote><p>When implementing this protocol, servers should consider the types of access resource owners may wish to grant clients, and should provide mechanisms to do so.  Servers should also take care to ensure that resource owners understand the access they are granting, as well as any risks that may be involved.</p></blockquote>Thus for RelMeAuth purposes, the RelMeAuth \"consumer\"/library should ask merely for \"authentication\" rather than read, write, update, or delete access. One exception is the \"share\" scenario, where a site lets a user RelMeAuth login via another site (e.g. Twitter), and then provides a UI for the user to share from that site to Twitter - in that case request auth/read/write access granularity makes sense. [[User:Tantek|Tantek]] 22:46, 26 April 2010 (UTC)\n\n* After authing with OAuth, how do you know what user it is that auth'd?  OAuth specifically does not tell you that information... [[User:Singpolyma|Singpolyma]] 13:54, 23 April 2010 (UTC)\n** Twitter provides user information via the OAuth token and their API, it is recommended that other OAuth providers follow this API convention while OAuth is evolved to provide to capability. [[User:Tantek|Tantek]] 22:46, 26 April 2010 (UTC)\n</div>\n\n== history ==\nOn 2010-02-01 Tantek [http://tantek.com/2010/032/t5/modest-proposal-authentication-oauth-twitter-rel-me introduced the basis for] and Jeff Lindsay [http://twitter.com/progrium/status/8521001762 suggested the name] for RelMeAuth.\n\nIn a follow-up Tantek [http://tantek.com/2010/032/t6/relmeauth-oauth-rel-me-auto-fallback-authentication suggested the following simple protocol] for RelMeAuth:\n\n<blockquote cite=\"http://tantek.com/2010/032/t6/relmeauth-oauth-rel-me-auto-fallback-authentication\"><p>\nRelMeAuth works for any #OAuth + rel-me site, and enables auto-fallback with use of alternate identities for authentication:</p><ol><li>user enters their site URL</li><li>iterate through their outbound rel-me links</li><li>if <ol><li>a rel-me destination is up, and</li><li> rel-me links back to user's site, and</li><li>has OAuth endpoint,</li></ol> then do OAuth authentication.</li></ol><p>Thus user links to their RelMeAuth profiles in preference order, and authentication code tries them in order. e.g. Twitter, Identi.ca, ... etc.</p></blockquote>\n\nLater that evening Tantek, Jeff Lindsay, Paul Tarjan and others discussed RelMeAuth at the [[events/2010-02-02-weekly-dinner-mv|microformats dinner in Mountain View]] and afterwards Jeff and Paul implemented RelMeAuth in an open source Python library at Hacker Dojo and discussed/tested it in IRC.\n\nhttp://krijnhoetmer.nl/irc-logs/microformats/20100203\n\nLess than 24 hours from concept to open source implementation.\n\n== articles posts comments ==\n* 2010-03-03 [http://simonwillison.net/2010/Mar/2/bewildering/#c60551  Blaine Cook] comment\n* 2010-02-16 [http://www.google.com/buzz/dclinton/HeMv1AQTXS8/Envisioning-decentralized-replies-and#1266371138608000 Tantek \u00c7elik] comment re: user interface\n* 2010-02-06 [http://aaronparecki.com/RelMeAuth Aaron Parecki] wiki page\n\n== vendor specific sign in ==\nThe following vendor specific sign-in methods have succeeded and are in far greater use than previous efforts at user-centric URL identity (e.g. OpenID).\n\nhttp://hueniverse.com/wp-content/uploads/2009/09/Sign-in-with-Twitter.png\n\nhttp://4.mshcdn.com/wp-content/uploads/2009/04/facebook-twitter-connect.gif\n\n* Sign in with Twitter\n** 2009-04-16 [http://hueniverse.com/2009/04/introducing-sign-in-with-twitter-oauth-style-connect/ Introducing \u2018Sign-in with Twitter\u2019, OAuth-Style \u201cConnect\u201d]\n** [https://dev.twitter.com/docs/auth/sign-twitter Sign in with Twitter developer home page]\n** [https://dev.twitter.com/docs/sign-twitter-resources Sign in with Twitter Resources] (more/latest buttons)\n* Connect with Facebook\n** ...\nSee articles comparing/contrasting them:\n* 2009-04-18 [http://mashable.com/2009/04/18/twitter-facebook-connect/ Facebook Connect vs. Sign in with Twitter: Fight!]\nUser-facing [[web-sign-in]] functionality (including \"( Web sign-in )\" button graphic) must be at least as simple, easy, and trustworthy as the these vendor specific sign in methods.\n\n== related ==\n* [[rel-me]]\n* [[OAuth]]\n* [[hCard]]\n* [[OpenID]]"
                    }
                ]
            },
            "6695": {
                "pageid": 6695,
                "ns": 0,
                "title": "RelMeAuth-fr",
                "revisions": [
                    {
                        "contentformat": "text/x-wiki",
                        "contentmodel": "wikitext",
                        "*": "[[RelMeAuth-fr|RelMeAuth]] est un standard ouvert propos\u00e9 pour utiliser les liens [[rel-me-fr|rel-me]] vers les profils sur les services supportant [[OAuth-fr|OAuth]] pour l'authentification que ce soit via ces profils ou votre propre site.\n\nRelMeAuth est la technologie derri\u00e8re [[web-sign-in-fr|connexion-web]].\n\n<div class=\"vcard\">\n; <span class=\"role\">Editeur</span> \n: <span class=\"fn\">[[User:Tantek|Tantek \u00c7elik]]</span> (<span class=\"url\">http://tantek.com/</span>)\n</div>\n<div class=\"vcard\">\n; <span class=\"role\">Traduction</span> \n: <span class=\"fn\">[[User:ChristopheDucamp|Christophe Ducamp]]</span> (<span class=\"url\">http://christopheducamp.com/</span>)\n</div>\n\n== support RelMeAuth ==\n=== utilisateurs ===\nVoir [[web-sign-in-fr|connexion web]]\n\nVoici une explication plus technique : \n\n'''Utilisez [[rel-me-fr|rel=\"me\"]] sur votre site personnel, et saisissez votre site personnel comme votre adresse web sur les sites avec une [[web-sign-in-fr|connexion web]] (RelMeAuth).'''\n\n\u00c9tapes :\n\n'''1. Ajoutez des liens [[rel-me-fr|rel=\"me\"]] \u00e0 vos autres profils.'''\n\nAjoutez [[rel-me-fr|rel=\"me\"]] aux liens provenant de votre page d'accueil personnelle vers vos diff\u00e9rents profils sur d'autres services.\n\n'''2. \u00c9ditez vos autres profils pour faire un lien retour vers votre site.'''\n\n\u00c9ditez vos autres profils et r\u00e9glez le champ \"home page\" ou \"page d'accueil\" ou \"URL\" vers votre site personnel.\n\nVoici une [[http://microformats.org/wiki/hcard-xfn-supporting-friends-lists-fr#Services_avec_XFN_rel.3D.22me.22_vers_un_site_externe|liste des sites de profil qui ont des champs URL et supportent rel-me]]. \n\n'''3. Il n'y a pas d'\u00e9tape 3. C'est termin\u00e9.'''\n\nD\u00e9sormais sur tout site qui utilise une connexion (connexion web) RelMeAuthNow (essayez par ex. [http://tantek.com/relmeauth/ le prototype RelMeAuth]), saisissez simplement votre URL de site personnel, et ce code RelMeAuth du site vous connectera en vous authentifiant avec l'un des profils sociaux que vous avez reli\u00e9s (par ex. Twitter).\n\n==== exemples dans la jungle ====\n===== page d'accueil simple =====\n\nLa page personnelle de Tantek http://tantek.com/ a (marquage simplifi\u00e9)\n<source lang=html4strict>\n<ul>\n<li><a rel=\"me\" href=\"http://twitter.com/t\">Twitter: @t</a></li>\n<li><a rel=\"me\" href=\"http://identi.ca/t\">identi.ca: t</a></li>\n</ul>\n</source>\n\n=== utilisateurs avec des pages de contact s\u00e9par\u00e9es  ===\n\n'''Et si je pr\u00e9f\u00e8re avoir une page de contact ou \"\u00e0 propos\" s\u00e9par\u00e9e avec mes liens vers d'autres profils ?'''\n\nSi vous pr\u00e9f\u00e9rez avoir une page de contact s\u00e9par\u00e9e qui lie vers vos autres profils, alors : \n\n# ajoutez [[rel-me-fr|rel=\"me\"]] au lien provenant de votre page d'accueil vers votre page de contact\n# ajoutez [[rel-me-fr|rel=\"me\"]] aux liens provenant de votre page contact vers ces autres profils \n\n\n==== plus d'exemples dans la jungle ====\n===== page contact s\u00e9par\u00e9e  =====\n\nLa page d'accueil de Jeremy Keith http://adactio.com/ has (marquage simplifi\u00e9)\n<source lang=html4strict>\n<ul>\n<li><a rel=\"me\" href=\"/journal/\">Journal</a></li>\n<li><a rel=\"me\" href=\"/contact/\">Contact</a></li>\n</ul>\n</source>\n\net puis aussi : \n\nhttp://adactio.com/journal/ a (marquage simplifi\u00e9)\n<source lang=html4strict>\n<ul>\n<li><a rel=\"me\" href=\"http://huffduffer.com/adactio/\">Huffduffer</a></li>\n<li><a rel=\"me\" href=\"http://twitter.com/adactio/\">Twitter</a></li>\n<li><a rel=\"me\" href=\"http://adactio.tumblr.com/\">Tumblr</a></li>\n<li><a rel=\"me\" href=\"http://www.last.fm/user/adactio/\">Last.fm</a></li>\n<li><a rel=\"me\" href=\"http://www.dopplr.com/traveller/adactio/public\">Dopplr</a></li>\n<li><a rel=\"me\" href=\"http://www.vimeo.com/user196031\">Vimeo</a></li>\n<li><a rel=\"me\" href=\"http://ffffound.com/home/adactio/found/\">Ffffound</a></li>\n<li><a rel=\"me\" href=\"http://readernaut.com/adactio\">Readernaut</a></li>\n<li><a rel=\"me\" href=\"http://97bottles.com/people/adactio/\">97 Bottles</a></li>\n</ul>\n</source>\n\n==== pr\u00e9f\u00e9rence d'authentification ====\nSi vous avez une pr\u00e9f\u00e9rence sp\u00e9cifique parmi le(s) service(s) d'authentification, assurez-vous juste que vous listez les liens vers vos profils sur ces autres services dans l'ordre de pr\u00e9f\u00e9rence (sur votre page d'accueil ou votre page contact comme d\u00e9crit au-dessus)\n\n=== sites de profils ===\nFaites-vous tourner un site avec des profils ?\n\nN'importe quel site de r\u00e9seau social ou site similaire ayant des pages de profils-utilisateur devrait : \n# fournir une [[user-interface-fr|interface utilisateur]] \u00e0 un utilisateur pour saisir et publier publiquement une URL vers sa page personnelle\n# publier un lien visible avec [[rel-me-fr|rel=\"me\"]] de la page du profil de l'utilisateur vers sa propre page personnelle\n\n[[http://microformats.org/wiki/hcard-xfn-supporting-friends-lists-fr#Services_avec_XFN_rel.3D.22me.22_vers_un_site_externe|La plupart des sites font d\u00e9j\u00e0 cela]]. \n\n=== sites d'authentification ===\nVous faites tourner un site avec des profils d'utilisateurs que vous voulez faire utiliser par vos utilisateurs pour se connecter sur d'autres sites ?\n\nEn plus de supporter rel-me comme [[#sites_de_profils|d\u00e9crit ci-dessus]] :\n\nTout site qui veut permettre aux utilisateurs de se connecter avec ses pr\u00e9sentations provenant de ce site sur des sites tiers devrait : \n# Supporter [[OAuth-fr|OAuth]] (m\u00eame avec 2.0)\n# Suivre les conventions de Twitter pour :\n#* les chemins endpoint et autres d\u00e9tails de protocole\n#* imiter l'interface utilisateur de Twitter pour le flux d'authentification (que ce soit sur le desktop ou le mobile - ils ont fait un travail remarquable)\n\n==== Fournisseurs RelMeAuth ====\nLes sites qui supportent \u00e0 la fois [[rel-me-fr|rel-me]] et sont aussi des fournisseurs [[OAuth-fr|OAuth]] :\n\n* Twitter ([http://apiwiki.twitter.com/OAuth-Examples Exemples Twitter OAuth])\n* Google Profiles ([http://sites.google.com/site/oauthgoog/ documentation Google OAuth])\n* Identi.ca (utilise les m\u00eames chemins endpoint/d\u00e9tails que Twitter)\n* Github ([http://developer.github.com/v3/oauth/ Github OAuth 2 documentation])\n* ...\n\n=== sites ayant besoin d'une connexion utilisateur ===\nAvez-vous un site sur lequel vous voulez laisser les utilisateurs se connecter avec leurs propres identit\u00e9s ?\n\nTout site d\u00e9sirant laisser les utilisateurs se connecter avec leurs propres identit\u00e9s devrait : \n# fournir une interface utilisateur pour que les utilisateurs saisissent ou choisissent leur identit\u00e9 en ligne pr\u00e9f\u00e9r\u00e9e (par ex. leurs propres URLs)\n# ex\u00e9cuter une authentification RelMeAuth comme d\u00e9crit plus bas\n\n== comment \u00e7a marche ==\n=== r\u00e9sum\u00e9 algorithme ===\nR\u00e9sum\u00e9 de l'algorithme de l'authentification RelMeAuth\n\n* input : une identit\u00e9 utilisateur (URL) pour s'authentifier\n* output : succ\u00e8s ou annulation authentification ou pas d'URLs authentifiables trouv\u00e9es\n\n# d\u00e9marrer avec une URL d'identit\u00e9 utilisateur (par ex. provenant de l'IU, ou d'un cookie provenant des pr\u00e9c\u00e9dentes connexions, etc.)\n# it\u00e9rer \u00e0 travers les liens entrants rel-me sur l'URL de l'identit\u00e9 utilisateur (n'importe lesquelles des sous-pages locales rel-me si n\u00e9cessaire)\n## si\n### une destination rel-me est trouv\u00e9e (HTTP Get r\u00e9ussi, en suivant n'importe lesquelles des redirections)\n### et des liens rel-me en retour vers l'URL identit\u00e9 de l'utilisateur\n### et a un endpoint OAuth\n### alors faire authentification OAuth\n### si authentification r\u00e9ussie, c'est fini, l'utilisateur a \u00e9t\u00e9 authentifi\u00e9 avec l'URL identit\u00e9 utilisateur, exit\n### si elle est rejet\u00e9e, l'utilisateur a annul\u00e9, alors annuler la totalit\u00e9 du processus d'authentification, exit \n## continuer it\u00e9ration avec le prochain lien rel-me s'il y en a\n# pas d'URLs authentifiables trouv\u00e9es (que ce soit pas du tout, ou n'importe laquelle fournie comporte d'autres erreurs, 404, pas de r\u00e9ponse, pas de endpoint OAuth, autres erreurs OAuth)\n\n\n=== algorithme d\u00e9taill\u00e9 ===\n* input: a user identity (URL) to authenticate\n* output: success or cancel authentication or no authenticatable URLs found\n\n# start with a user identity URL (e.g from the UI, or from a cookie from previous login etc.)\n# if the URL is an OAuth provider \n# then try authenticating with it (we prefer the user's own site for auth)\n## if it succeeds, exit\n## if canceled, exit\n## otherwise continue\n# iterate through their outbound rel-me links on the user identity URL (first through direct rel-me links to external sites in order, then iterate through URLs deeper into the personal site in order, e.g. to a contacts page, and iterate through rel-me links from there to external sites in order, then the next breadth-first local rel-me page from the identity URL if necessary)\n## if\n### a rel-me destination is up (HTTP Get succeeded, following any redirects)\n### and rel-me links back to the user identity URL\n### and has OAuth endpoint\n### then do OAuth authentication\n### if authentication succeeded, you're done, the user has been been authenticated with the user identity URL, exit\n### if it was rejected, the user canceled, thus cancel the entire authentication process, exit \n## continue iteration with the next rel-me link if any\n# no authenticatable URLs found (either none at all, or any provided had some other error, 404, no response, no OAuth endpoint, other OAuth error)\n\n\n== impl\u00e9mentations open source ==\nIl existe quelques librairies opensource que les sites peuvent utiliser pour impl\u00e9menter RelMeAuth de mani\u00e8re \u00e0 ce que les utilisateurs puissent se connecter avec leurs propres identit\u00e9s.\n\n=== Python ===\n* [http://github.com/ptarjan/relmeauth Python RelMeAuth] par Paul Tarjan et Jeff Lindsay\n\n=== PHP ===\n* [http://github.com/themattharris/relmeauth PHP RelMeAuth] par Matt Harris et Tantek \u00c7elik\n** Sites d\u00e9mo Live : \n*** http://tantek.com/relmeauth/\n*** http://apps.themattharris.com/relmeauth/\n\n=== Ruby ===\n* [https://github.com/aaronpk/IndieAuth IndieAuth] par Aaron Parecki contient du code Ruby pour ex\u00e9cuter une authentification RelMeAuth authentication, mais actuellement int\u00e9gr\u00e9 \u00e0 l'int\u00e9rieur du code indieauth.com en g\u00e9n\u00e9ral\n** To Do : S\u00e9parer Ruby gem pour impl\u00e9mentation Ruby de RelMeAuth\n\n\n== probl\u00e9matiques ==\n<div class=\"issues\">\n* Comment trouvez-vous le endpoint OAuth pour n'importe quel site/service de profil utilisateur ? -[[User:Tantek|Tantek]]\n** Utilisez le m\u00e9canisme de d\u00e9couverte OAuth 2.0 si c'est support\u00e9\n** Utilisez une liste blanche de site fournisseur vers un endpoint OAuth\n** Essayez les chemins endpoint Twitter OAuth sur d'autres sites pour voir s'ils fonctionnent - en supposant que beaucoup de fournisseurs OAuth imiteront simplement l'exemple de Twitter comme sugg\u00e9r\u00e9.\n*** Cette d\u00e9couverte par technique de convention fonctionnera par exemple sur :\n**** http://identi.ca/\n\n* How do you get an appID to use with any given site's OAuth? -[[User:Tantek|Tantek]]\n** This appears to still be a manual process, per site, and thus a legitimate limitation of RelMeAuth in comparison to say [[OpenID]].\n*** Some services are supporting appkey/secret pair anonymous/anonymous for mobile/desktop apps already.  Unsure how popular this is [[User:Singpolyma|Singpolyma]] 13:51, 23 April 2010 (UTC)\n\n* OAuth is for authorization, and as such gives the site I'm ident asserting to access to my account on the id service.  This is very bad.  Suggested solution: use OpenID instead. [[User:Singpolyma|Singpolyma]] 13:51, 23 April 2010 (UTC)\n** OAuth actually suggests granularity in access rather than blanket access ([http://tools.ietf.org/html/draft-hammer-oauth-10 OAuth IETF draft, see Sec 4.8]): <blockquote><p>When implementing this protocol, servers should consider the types of access resource owners may wish to grant clients, and should provide mechanisms to do so.  Servers should also take care to ensure that resource owners understand the access they are granting, as well as any risks that may be involved.</p></blockquote>Thus for RelMeAuth purposes, the RelMeAuth \"consumer\"/library should ask merely for \"authentication\" rather than read, write, update, or delete access. One exception is the \"share\" scenario, where a site lets a user RelMeAuth login via another site (e.g. Twitter), and then provides a UI for the user to share from that site to Twitter - in that case request auth/read/write access granularity makes sense. [[User:Tantek|Tantek]] 22:46, 26 April 2010 (UTC)\n\n* After authing with OAuth, how do you know what user it is that auth'd?  OAuth specifically does not tell you that information... [[User:Singpolyma|Singpolyma]] 13:54, 23 April 2010 (UTC)\n** Twitter provides user information via the OAuth token and their API, it is recommended that other OAuth providers follow this API convention while OAuth is evolved to provide to capability. [[User:Tantek|Tantek]] 22:46, 26 April 2010 (UTC)\n\n</div>\n\n== historique ==\nLe 2010-02-01 Tantek [http://tantek.com/2010/032/t5/modest-proposal-authentication-oauth-twitter-rel-me a pr\u00e9sent\u00e9 la base] et Jeff Lindsay [http://twitter.com/progrium/status/8521001762 a sugg\u00e9r\u00e9 le nom] de RelMeAuth.\n\nLors d'une relance, Tantek [http://tantek.com/2010/032/t6/relmeauth-oauth-rel-me-auto-fallback-authentication sugg\u00e9rait le simple protocole qui suit] pour RelMeAuth :\n\n<blockquote cite=\"http://tantek.com/2010/032/t6/relmeauth-oauth-rel-me-auto-fallback-authentication\"><p>\nRelMeAuth works for any #OAuth + rel-me site, and enables auto-fallback with use of alternate identities for authentication:</p><ol><li>user enters their site URL</li><li>iterate through their outbound rel-me links</li><li>if <ol><li>a rel-me destination is up, and</li><li> rel-me links back to user's site, and</li><li>has OAuth endpoint,</li></ol> then do OAuth authentication.</li></ol><p>Thus user links to their RelMeAuth profiles in preference order, and authentication code tries them in order. e.g. Twitter, Identi.ca, ... etc.</p></blockquote>\n\nPlus tard dans la soir\u00e9e, Tantek, Jeff Lindsay, Paul Tarjan et d'autres ont discut\u00e9 de RelMeAuth lors du [[events/2010-02-02-weekly-dinner-mv|microformats d\u00eener \u00e0 Mountain View]] et ensuite Jeff et  Paul ont impl\u00e9ment\u00e9 RelMeAuth dans une librairie open source Python lors du Hacker Dojo et l'ont discut\u00e9e/test\u00e9e sur IRC.\n\nhttp://krijnhoetmer.nl/irc-logs/microformats/20100203\n\nMoins de 24 heures pour passer du concept \u00e0 l'impl\u00e9mentation opensource.\n\n== articles billets commentaires ==\n* 2010-03-03 [http://simonwillison.net/2010/Mar/2/bewildering/#c60551  Blaine Cook] comment\n* 2010-02-16 [http://www.google.com/buzz/dclinton/HeMv1AQTXS8/Envisioning-decentralized-replies-and#1266371138608000 Tantek \u00c7elik] comment re: user interface\n* 2010-02-06 [http://aaronparecki.com/RelMeAuth Aaron Parecki] wiki page\n\n== vendor specific sign in ==\nLes m\u00e9thodes commerciales suivantes sp\u00e9cifiques \u00e0 la connexion ont r\u00e9ussi et sont bien plus utilis\u00e9es que les efforts pr\u00e9c\u00e9demment d\u00e9crits d'identif\u00e9 URL (par ex. OpenID)\n\nhttp://hueniverse.com/wp-content/uploads/2009/09/Sign-in-with-Twitter.png\n\nhttp://4.mshcdn.com/wp-content/uploads/2009/04/facebook-twitter-connect.gif\n\n* Connexion avec Twitter\n** 2009-04-16 [http://hueniverse.com/2009/04/introducing-sign-in-with-twitter-oauth-style-connect/ Introducing \u2018Sign-in with Twitter\u2019, OAuth-Style \u201cConnect\u201d]\n** [https://dev.twitter.com/docs/auth/sign-twitter Sign in with Twitter developer home page]\n** [https://dev.twitter.com/docs/sign-twitter-resources Sign in with Twitter Resources] (more/latest buttons)\n* Connexion avec Facebook\n** ...\nVoir les articles les comparant/mettant en perspective :\n* 2009-04-18 [http://mashable.com/2009/04/18/twitter-facebook-connect/ Facebook Connect vs. Sign in with Twitter: Fight!]\nUser-facing [[web-sign-in]] functionality (including \"( Web sign-in )\" button graphic) must be at least as simple, easy, and trustworthy as the these vendor specific sign in methods.\n\n\n== en rapport ==\n* [[rel-me-fr|rel-me]]\n* [[OAuth-fr|OAuth]]\n* [[hcard-fr|hCard]]\n* [[OpenID-fr|OpenID]]"
                    }
                ]
            }
        }
    }
}
Retrieved from "http://microformats.org/wiki/Special:ApiHelp"