Implement IndieAuth as identity provider

Kittybox should support implementing IndieAuth as an identity provider. This would allow to log in to websites supporting IndieAuth (and OAuth2 in general) using Kittybox-provided identity, putting users in control of their online identity and user authentication.

Preferable source of authentication should be some form of passwordless WebAuthn (since passwords are so 20th century). Most computers containing Windows allow for WebAuthn using built-in TPM, and similar functionality can be seen on latest smartphones using their built-in cryptographic storage.

A password or a generated token could be allowed as a password recovery method or if a user doesn't have a device that supports WebAuthn. Not everyone can upgrade their OS, buy a YubiKey or a latest smartphone.

Assigned to
2 months ago
26 days ago
feature indieweb-protocols

~vikanezrimaya referenced this from #4 2 months ago

~vikanezrimaya 26 days ago

Almost done. Need to implement the storage backend, over which the IndieAuth identity provider is generic, and a method to retrieve user profiles (probably by reading the database - seems like the easiest way).

~vikanezrimaya 26 days ago

Make anything that returns user profiles generic over kittybox::database::Storage, retrieve h-card for me value (or the current host, if not specified) and convert it into Profile. Elide u-email if the corresponding scope was not granted.

Register here or Log in to comment, or comment via email.