This blog is now an archive. Find content from Hiro here and Stacks news and announcements here.

blockstack

Blockstack Auth Developer Preview

Ryan Shea by Ryan Shea
December 19, 2016
in Technical
See the Stacks.co Blog for latest Stacks Ecosystem Updates!

We’re excited to show you a preview of a new library called Blockstack Auth, which enables applications to easily build on top of Blockstack and interact with Blockstack Identity and Blockstack Storage.

The javascript library is available for installation on npm and can be installed as a node package, and then packaged up for the frontend using a library like browserify or webpack. Installing Blockstack Auth is simple:

npm install blockstack

Here’s how it works…

Blockstack Auth provides two types of objects:

  • AuthRequest
  • AuthResponse

Applications create auth requests and send them to user identity providers. Meanwhile, user identity providers receive and validate auth requests, then create auth responses and send them back to the applications. Applications validate the auth responses and the authentication process is completed.

Here’s how an app developer can create an auth request:

import {makeAuthRequest} from 'blockstack'
const authRequest = makeAuthRequest(privateKey)

The auth request token will be base64url encoded so it can be transmitted as a URL parameter. It should look something like this:

console.log(authRequestToken)
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpc3N1ZXIiOnsicHVibGljS2V5IjoiMDI3ZDI4Zjk5NTFjZTQ2NTM4OTUxZTM2OTdjNjI1ODhhODdmMWYxZjI5NWRlNGExNGZkZDRjNzgwZmM1MmNmZTY5IiwiYmxvY2tjaGFpbmlkIjoib25lbmFtZSJ9LCJpc3N1ZWRBdCI6MTQ0NDI1ODkzNTI1MSwiY2hhbGxlbmdlIjoiMGI0MjcyMmItZTc4MS00MzRhLTgwNWQtYzA5YzQ3NmU4NmI5IiwicGVybWlzc2lvbnMiOlsiYmxvY2tjaGFpbmlkIl19.4sMvmUQ6q5DuAEXYaVIwVSe1nzd4KjfU3hwfoUztEAx9Gwr5XmS9-sBQZ2iS_x4uxzG2de1CHlw-14ZrB9ejww'

Here’s how a user’s identity provider can create an auth response on behalf of the user:

import {AuthResponse} from 'blockstack-auth'
const authResponse = makeAuthResponse(privateKey, profile, username)

The auth request token will be base64url encoded so it can be transmitted as a URL parameter. It should look something like this:

console.log(authResponseToken)
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpc3N1ZXIiOnsicHVibGljS2V5IjoiMDNmZGQ1N2FkZWMzZDQzOGVhMjM3ZmU0NmIzM2VlMWUwMTZlZGE2YjU4NWMzZTI3ZWE2NjY4NmMyZWE1MzU4NDc5IiwiYmxvY2tjaGFpbmlkIjoicnlhbiIsInB1YmxpY0tleWNoYWluIjoieHB1YjY2MU15TXdBcVJiY0ZRVnJRcjRRNGtQamFQNEpqV2FmMzlmQlZLalBkSzZvR0JheUU0NkdBbUt6bzVVRFBRZExTTTlEdWZaaVA4ZWF1eTU2WE51SGljQnlTdlpwN0o1d3N5UVZwaTJheHpaIiwiY2hhaW5QYXRoIjoiYmQ2Mjg4NWVjM2YwZTM4MzgwNDMxMTVmNGNlMjVlZWRkMjJjYzg2NzExODAzZmIwYzE5NjAxZWVlZjE4NWUzOSJ9LCJpc3N1ZWRBdCI6MTQ0NDI1OTQyMjE5NiwiY2hhbGxlbmdlIjoiMGI0MjcyMmItZTc4MS00MzRhLTgwNWQtYzA5YzQ3NmU4NmI5In0.8TLQF_PI_egjP6WVlmf2rxPH-PMgrSDHGKE7d29qxU5KBRMlHppOIx69AoBdEEFr0HSFW0mDbM60W3kHC5jc-Q'

One thing to note is that this is the bare metal of the Blockstack authentication system. It is still in a raw form and more work is required to get it into a “plug-and-play” state.

In a future release, we’ll be coming out with a comprehensive library that you can easily drop into your application and issue a few simple calls to authenticate the user. Stay tuned.

Ryan Shea

Ryan Shea

Ryan co-founded Blockstack, a development platform for decentralized apps where users own their data. Blockstack has a vibrant community of 50,000 enthusiasts and developers and in 2017 it raised $50M in one of the largest cryptocurrency sales to date.

Before Blockstack, Ryan co-founded a software-as-a-service startup called GraphMuse and worked in an operations role for OmniActive Health Technologies. He received a degree in Mechanical and Aerospace Engineering from Princeton University with a minor in Computer Science.

Ryan has authored several popular open source libraries in cryptography and blockchain technology and has experience in areas ranging from engineering to product management to growing developer communities.