identitylink-services
identitylink-services copied to clipboard
ceramicstudio
Add Instagram verification
Hi, I added a Instagram verification for Ceramic's Identity Link Services.
As our product(Wallkanda) is dealing with artists, asking them to post an image with the did in description on their beautiful wall or even in bio can be very hard to accept so I decided to take advantages of existing OAuth API of this kind of social services to provide a private & secure way of verifying their account. But tell me if I'm wrong and the user should actually post something public.
It uses the OAuth2 Authorization Code Grant Type ( RFC 6749 or auth0 doc of the Instagram OAuth server to get the username and id.
More info about the Authorization Window from Instagram
I made a quick sequence diagram:
I chose to make the instagram_request a HTTP GET request with username & did (it should not cause privacy problem as it's public info) to provide a convenient way to redirect user directly (when setting the INSTAGRAM_HTTP_REDIRECT env var).
I don't know if it's a good idea or if I should stick with the POST method but please tell me :)
The trick is that the challengeCode is passed through to Instagram API thanks to the state query param that will be set when using the INSTAGRAM_REDIRECT_URI that redirects to our website.
Any feed back is appreciated :)
Requirements
- A Facebook App with Instagram Basic Profile Product enabled and the
instagram_graph_user_profilepermission. - A website URL to redirect OAuth response (must be the same in .env & Facebook App)
Things left to do
- [ ] Fix the test request_instagram (HTTP GET) in api_handler.test.js
- [ ] Make a demo website
Very cool @anthonygraignic!
Seems like a good approach. The main difference between having a public post of the did is that the claim will be publicly verifiable by any third party. It's fine to do it in this way if you are fine with a larger trust assumption in the verification service.
Would love to see a demo website so that I can easily try this out before merging!
Thanks for the feedback ! Yes I get the public part, I will start that way and see if it is a problem. Maybe putting the did in the bio isn't a real problem 🤷♀️
Perfect, will do one and ping you !
Any update here @anthonygraignic ?
I'm on vacation and didn't had time to finish it before leaving sorry. It should be fine by the end of next week as I will be back.
Hi, sorry for the very long radio silence ! I'm clearly not the best contributor this time 😅
But I finally managed to find the time to deploy the services and make a sample app ! It's available at https://elastic-bartik-d64c0a.netlify.app/ and running on clay testnet.
I used the new Self.ID SDK and you can browse the source code here: https://github.com/anthonygraignic/ceramic-identitylink-instagram-example-website
The UX can be improved as you have to login a second time to generate the VC. I will try to find a solution for that, but it's working :)
I made a GIF of the full workflow :
For the test I had an unlocked Metamask and as I did a few iterations my 3ID Connect was operational (no additional modals or web3 signatures)
Don't hesitate to tell me if I need to make change to my code !