By Katie Keenan | Posted on August 31, 2011
We completely re-engineered from the ground up, allowing the new Janrain Engage social login widget to have dramatically faster load and execution times. Performance is greatly increased by using asynchronous loading and a host of optimizations including some HTML5, CSS3 (so fewer images to load), and improved CDN caching mechanisms (and yes, backwards compatible to IE6). International load times are as much as seven times faster. Check out our new Technical Paper on our Social Login Widget Performace Analysis.
The new event model allows customization at nearly every step of the login process. For example, while the built in return experience is already a perfect fit for the majority of our customers, creating a completely custom return experience using the information broadcast by the onReturnExperienceFound event is trivial. In this example, we simply replace the html of a div with a welcome back message that includes the name of the user when a return experience is found.
$("#someDivOnYourPage").html("Welcome back " + response.name);
// code would be placed here that would be executed every time the
// onProviderLoginStart event is fired. For instance, you may
// want to integrate a 3rd party analytics package that would track every
// time this event is fired. (Marketing people love this stuff!!!)
There is no limit to the number of handlers that can be added to an event. Every time an event is called, all the handlers that have been added to that event will be called. The following global events are currently available with many new events coming in the near future.
returns: customizable properties as json
returns: error and status
returns: returnProvider and welcomeName
For custom UIs, you will need to set janrain.settings.custom to true. By turning on the custom feature, rendering of the widget will be left to you. There are two public “helper” functions available to help with custom UIs; setProviderFlow and triggerFlow.
janrain.engage.signin.setProviderFlow(element, provider) : to use setProviderFlow, you only need to pass in an element and a provider name. Any element that has an onclick event will work, for example a div or a button.
janrain.engage.signin.triggerFlow(provider) : can be added directly to an onclick event of an element, or within a function that is called when an onclick event is fired. (If the function is used without an onclick event being fired directly by a user clicking on something then most pop-up blockers will block the popup window. So don’t do that!).
And now introducing client-side authentication, kinda. Implemented in the way I describe below, you get what looks and feels like client-side authentication with the security and robustness of server-side authentication (because the important parts are really happening on the sever-side). You can get that cool web 2.0 ajaxy thing going on. We do it with single use client-side bearer tokens passed over SSL that are exchanged for a long-lived token along with some server-side security fail-safes. It may sound complicated, but no worries, we handle all the scary details for you.
To use the client-side feature, you just turn it on in the settings with janrain.settings.tokenAction = ‘event’, and then add a handler to the onProviderLoginToken event. In that handler you can then pass the long-lived token to your server using ajax. That page (which could be the same as what you defined before for your tokenUrl), can then make server-to-server API calls, like auth_info, using our Restful API which would return the profile information of the end-user that just had a successf
How to tell if your identity management is ready for the new data protection regulations…
We just released the latest member of the Janrain product family: Janrain Advanced Policy Manager…
Janrain Information Security Manager, Lisa Nicholson, shares her thoughts on why CSA Level 2 and…