OAuth and OpenID implementation
HSNM administration backend general discussion

Rate this topic
   Post Reply
10 posts   •   Page 1 of 1
jnsilver
Posts: 79
Joined: 28 Jun 2017, 16:13

OAuth and OpenID implementation

by jnsilver » 05 Jan 2018, 14:51

Hi,
can you explain a little bit more how this works.

Can I combine it with other Authentication modes? For example: We have a domain where we use "Registration by the user" and want to add Authentication by OAuth via an iOS/Android APP.

The idea is to use OAuth to verify a user as valid and to grant access to use the Hotspot.

How about the assigned product for authentications by OAuth/OpenID? Will there be an option to select a product for these type of authentication?

Thanks
Jens

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: OAuth and OpenID implementation

by HSNMSupport » 08 Jan 2018, 15:02

Hi,

the authentication process remain the same. You just have to configure, under system settings, the OAuth configuration and then enable it under domain configuration. At this point you will see, in the welcome portal, the possibility to register/connect using the OAuth.

Best Regards.

jnsilver
Posts: 79
Joined: 28 Jun 2017, 16:13

Re: OAuth and OpenID implementation

by jnsilver » 10 Jan 2018, 16:28

Hi,
Which product/product policy will be assigned to a user that uses OAuth? Is there a way to assign a specific product to such a user, especially if there are different products available?

Again the question: Is it possible to do the login process from an external ressource (like an iOS/Android APP) using the API?

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: OAuth and OpenID implementation

by HSNMSupport » 10 Jan 2018, 17:35

Hi,

OAuth authentication follows the Social Login specification. So if a product is available with social login it will be available for OAuth as well.
Assignment of a specific product works as always.There must be a single product for that specific registration mode or a single free product in order to get it assigned to the user. Instead, if you have more then one product available for, in this case, social login user will have the usual screen to choose the prefered prodcut.

About login process from an external resource: Yes, technically is possible but you have to develop something that does everything that is done by the welcome portal. We already provide API to be able to create users, assign product to them etc... but all that manage this has to be developed by you in your APP.

In the Admin section of the HSNM, under the documentation menu, you can find examples about how to use API via VB.NET. VB.NET can be a language to use to develop your APP.

Best Regards.

jnsilver
Posts: 79
Joined: 28 Jun 2017, 16:13

Re: OAuth and OpenID implementation

by jnsilver » 12 Jan 2018, 15:51

Hi,
There is a question from my developers...
What methods of OAuth (Grant Types) does the system support or serve it as an identity provider?
Thanks.

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: OAuth and OpenID implementation

by HSNMSupport » 12 Jan 2018, 17:06

Hi,
we use a client Grant Types in order to get the user identity.

Regards.

jnsilver
Posts: 79
Joined: 28 Jun 2017, 16:13

Re: OAuth and OpenID implementation

by jnsilver » 05 Jun 2018, 13:23

Hi,
Am I right that I can set the Custom OAuth Authentication only onces for all resellers, managers and domains?

I need to understand the communication flow between the client/client device, the captive portal (or the APP), the Mikrotik and the HSNM during a login. Is there some more information than in the manual?

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: OAuth and OpenID implementation

by HSNMSupport » 05 Jun 2018, 15:13

Hi jnsilver,

yes, you are right.

About the communication flow:

1) user device connects to the gateway hotspot network;
2) gateway, through its configured html pages, redirect the user to the welcome portal (captive portal);
3) user enters its credentials through the login app;
4) login app sends credentials entered by the user to the gateway;
5) gateway, through a radius communication with HSNM Radius server, starts the authentication process using credentials obtained at point 4;
6) HSNM radius server processes the authentication request and, if credentials are correct, authenticates the user passing its connections parameters to the gateway.

Best Regards.

jnsilver
Posts: 79
Joined: 28 Jun 2017, 16:13

Re: OAuth and OpenID implementation

by jnsilver » 07 Jun 2018, 16:55

Hi,
Thank you for the explanation...

Our client wants to use an mobile APP that triggers the login. Is there a way to "bypass" the login portal?
Does the HSNM talk to the external system to check if a user is valid?

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: OAuth and OpenID implementation

by HSNMSupport » 08 Jun 2018, 17:27

Hi jnsilver,

I'm sorry but it's not possible to do what your customer asked.

Best Regards.

Rate this topic

Who is online

Users browsing this forum: No registered users and 6 guests

It is currently 21 Nov 2024, 20:49