TOKEN SERVER

What does it do?

This solution uses a token-based authentication system. When a user wants to connect to one of our service , they get an access token by asking a central server.

System Requirements

• The system needs to support multiple services (not necessarily centrally)
• The system needs to be able to assign users to different machines as a service scales out, or somehow distribute them
• The system should consistently send a user back to the same server once they’ve been assigned
• The system needs to give operations some level of control over how users are allocated
• The system should provide some recourse if a particular node dies
• The system that can handle exhaustion attacks. For example, I could set up an primary
• The system should auto-approve any username, then loop through users until all nodes were full.
• The system needs to support future developments like bucketed assignment
• system that scales infinitely.

Assumptions

• A Login Server detains the secret for all the Service Nodes for a given Service.
• Any given webhead in a cluster can receive calls to all service nodes in the cluster.
• The Login Server will support only BrowserID at first, but could support any authentication protocol in the future, as long as it can be done with a single call
• All servers are time-synced
• The expires value for a token is a fixed value per application. For example it could be 30 minutes for Sync and 2 hours for bipostal.
• The Login Server keeps a white list of domains for BID verifications

Resources

• Server https://github.com/mozilla-services/tokenserver

Specs and Docs:

• Token Server API v1.0
• User Flow
• History

Location

What does it do?

The Mozilla Location Service is an open service which lets devices determine their location based on network infrastructure like WiFi access points and cell towers. Project Overview

Requirements

• List of requirements

Get Involved

• As an individual you can join our active community and start mapping the wireless networks in your neighborhood or contribute to one of the client applications.
• As a developer you can directly use the service or contribute to the development of the service itself.

Instructions on how one can contribute to the project

Points of Contact

PM:

Name: contact@info IRC - #channel Group Email - TBD

Docs:

Name: contact@info IRC - #channel Group Email - TBD

Dev:

Name: contact@info IRC - #channel Group Email - TBD

QA:

Name: contact@info IRC - #channel Group Email - TBD

Ops:

Engineer - Name contact@info

Support:

Name: contact@info

Resources

Specs and Docs:

Code:

Public channel(s):

Internal/confidential channel(s):

Scheduled meetings

Events/meetups: