Martin Legris

Hi, I've been programming for longer than I like to admit.. I started developing for the web in 1997, wrote my first CGI scripts that talked to MySQL in C++. It has been a long journey since then; through Java (10+ years), PHP, HTML/JS, AS2, AS3, Android Developemnt, C#. I founded a startup in 2012 and raised 1M$; that has changed my perspective of programming forever! I like to explore interaction concepts.

Montreal 2026 sessions

oAuth2 - Client and Server Implementation

English session - Advanced

This is a workshop on oAuth2, how to implement on the client and server side. First I will describe the essential mechanics, and the "almost" standards (there exists a few implementations unfortunately).

Then I will describe, and allow you to diagram your own data structure and see how it integrates with your current data structure.

Then I will demonstrate how to generalize the implementation so it is database driven and not hard coded!

Passkeys, an implementation

English training

After a slow adoption, Passkeys will become the norm for authentication in the next few years. The main advantage is to do away with passwords altogether, making data breaches a lot less dangerous; more localized.

In this workshop we will dive deep into PassKeys, the mechanics, explaining in detail why it’s more secure than passwords and describing how it impacts the UX flow for signups and logins. Depending on the audience we will build either a NodeJS or Java implementation, complete with the front-end VanillaJS code.

The contents of the API exchange will be broken down, you will get familiar with the tools that allow you to debug your implementation, understand where things can go wrong and know how to fix them.

I will show you how different browsers treat the passkey flows, as they don’t behave exactly the same, and how to adapt the UX to create a seamless experience.

Finally we will look at passkey management from your client’s side.

Sample code will be provided in VanillaJS, Java, NodeJS and PHP.