<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
According to
<a class="moz-txt-link-freetext" href="https://developer.mozilla.org/en-US/docs/Mozilla/Tech/Firefox_Accounts/Introduction#Firefox_Accounts_deployments">https://developer.mozilla.org/en-US/docs/Mozilla/Tech/Firefox_Accounts/Introduction#Firefox_Accounts_deployments</a><br>
<br>
It should be on the profile server:<br>
<br>
<tt>curl -v -H "Authorization: Bearer
c004f4d49008326dc873f0d19eef9ee371c788bea0b888fb7aafa422e1d72d30"
<a class="moz-txt-link-rfc2396E" href="https://stable.dev.lcip.org/profile/v1/profile">"https://stable.dev.lcip.org/profile/v1/profile"</a></tt><br>
<br>
Today bearer tokens doesn't expire but it is going to change.<br>
You probably want to have a different Bearer token per device.<br>
<br>
Best,<br>
<br>
Rémy<br>
<br>
<div class="moz-cite-prefix">Le 29/05/2015 21:59, Victor Ng a
écrit :<br>
</div>
<blockquote
cite="mid:CA+Ve988epCRDoGhUreRLTEBr30ghq_-AQtGLsDwjGZQ8tc8UcQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>Doh. I didn't notice the reply-to doesn't go to the
mailing list....<br>
<br>
----<br>
<br>
</div>
<div>Thanks Remy!<br>
</div>
<div><br>
</div>
I've got a client that seems to login now. I get a code, I
pass that into my EC2 box and in the end I end up getting a
JSON blob with a bearer token.<br>
<br>
I'm doing something wrong when I try to fetch the user profile
though. I'm doing something like this:<br>
<br>
curl -v \<br>
-H "Authorization: Bearer
c004f4d49008326dc873f0d19eef9ee371c788bea0b888fb7aafa422e1d72d30"
\<br>
"<a moz-do-not-send="true"
href="https://oauth-stable.dev.lcip.org/v1/profile"
target="_blank">https://oauth-stable.dev.lcip.org/v1/profile</a>"<br>
<br>
</div>
<div>Can I use that bearer token from both my phone *and* my EC2
box? How long can I expect the token to be valid for? <br>
<br>
</div>
vic
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, May 20, 2015 at 3:58 AM, Rémy
Hubscher <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:rhubscher@mozilla.com" target="_blank">rhubscher@mozilla.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Hello Vic,<br>
<br>
So basically all you want to do is to get the user id
after the login, is that right?<br>
<br>
If I get it right, all you have to do is to register a
client to Firefox Account (you can do it yourself for
development here: <a moz-do-not-send="true"
href="https://oauth-stable.dev.lcip.org/console/clients"
target="_blank">https://oauth-stable.dev.lcip.org/console/clients</a>
(log with a @<a moz-do-not-send="true"
href="http://mozilla.com" target="_blank">mozilla.com</a>
email))<br>
<br>
<br>
All the steps are defined here:
<a moz-do-not-send="true"
href="https://developer.mozilla.org/en-US/docs/Mozilla/Tech/Firefox_Accounts/Introduction"
target="_blank">https://developer.mozilla.org/en-US/docs/Mozilla/Tech/Firefox_Accounts/Introduction</a><br>
<br>
The login flow is the following:<br>
<br>
<ol>
<li>You open a browser view with the Firefox Account
login page asking for a list of scopes (in your case
it might be <b>mozstumbler</b>) If you need the
email you may ask <b>profile:email</b> as well</li>
<ol>
<li>You give a <b>state</b>, the <b>scope</b>s and
your <b>client_id</b></li>
<li>See
<a moz-do-not-send="true"
href="https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md#get-v1authorization"
target="_blank">https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md#get-v1authorization</a><b><br>
</b></li>
</ol>
<li>Then the user logs in and is redirected to your
service with a <b>code</b> and a <b>state</b> (a
session that you gave him)</li>
<li>Then you talk to the Firefox Account server to
exchange this code and state with a access token.</li>
<ol>
<li>See
<a moz-do-not-send="true"
href="https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md#post-v1token"
target="_blank">https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md#post-v1token</a><br>
</li>
</ol>
<li>This bearer token give you access to the FxA user
id as well as the email if you need it.</li>
<ol>
<li><a moz-do-not-send="true"
href="https://github.com/mozilla/fxa-profile-server/blob/master/docs/API.md#get-v1email"
target="_blank">https://github.com/mozilla/fxa-profile-server/blob/master/docs/API.md#get-v1email</a><br>
</li>
</ol>
<li>You must also validate that this Bearer token have
got the <b>mozstumbler</b> scope<br>
</li>
</ol>
<br>
Since you are in an Android app, you will need to setup
a redirect url that will be catched by your app after
the login so that you get back the code and state and
can handle them. (See <a moz-do-not-send="true"
href="http://stackoverflow.com/a/2958870/186202"
target="_blank">http://stackoverflow.com/a/2958870/186202</a>)<br>
<br>
Hope this helps you,<br>
<br>
Rémy
<div>
<div><br>
<br>
<br>
<div>Le 19/05/2015 22:16, Victor Ng a écrit :<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div>
<div dir="ltr">
<div>
<div>Hi!<br>
<br>
</div>
We'd like to look at getting FxA integration
into the mozilla stumbler, but I'm pretty
confused as to what I actually need to do.<br>
<br>
</div>
<div>The use case we have is that we are
launching localized leaderboards. Basically -
geographically scoped score boards. <br>
<br>
The intent here is to login to the mobile
application - not a particular web service.<br>
</div>
<div><br>
</div>
<div>The name of our app is "Mozilla Stumbler"<br>
<br>
We're running our dev leaderboard instance on
: <a moz-do-not-send="true"
href="http://ec2-52-1-93-147.compute-1.amazonaws.com"
target="_blank">ec2-52-1-93-147.compute-1.amazonaws.com</a>
, we can set the redirect_uri to whatever
makes sense or is defacto standard for FxA.<br>
<br>
</div>
<div><br>
</div>
<div>thanks!<br>
</div>
vic<br>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<span>
<pre>_______________________________________________
Dev-fxacct mailing list
<a moz-do-not-send="true" href="mailto:Dev-fxacct@mozilla.org" target="_blank">Dev-fxacct@mozilla.org</a>
<a moz-do-not-send="true" href="https://mail.mozilla.org/listinfo/dev-fxacct" target="_blank">https://mail.mozilla.org/listinfo/dev-fxacct</a>
</pre>
</span></blockquote>
<br>
</div>
<br>
_______________________________________________<br>
Dev-fxacct mailing list<br>
<a moz-do-not-send="true"
href="mailto:Dev-fxacct@mozilla.org" target="_blank">Dev-fxacct@mozilla.org</a><br>
<a moz-do-not-send="true"
href="https://mail.mozilla.org/listinfo/dev-fxacct"
target="_blank">https://mail.mozilla.org/listinfo/dev-fxacct</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Dev-fxacct mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dev-fxacct@mozilla.org">Dev-fxacct@mozilla.org</a>
<a class="moz-txt-link-freetext" href="https://mail.mozilla.org/listinfo/dev-fxacct">https://mail.mozilla.org/listinfo/dev-fxacct</a>
</pre>
</blockquote>
<br>
</body>
</html>