> dkulp wrote: > > > >> 2. There are existing Java OAuth libraries. I am wondering if we could > >> use > >> one of them. From one hand maybe it is not good idea to make > >> cxf dependent on such library, but on the other > >> it's already tested and used by developers (mainly I mean Scribe lib). I > >> can write own implementation, just let me know what is your opinion. > > > > I'm definitely all for using a 3rd party lib if it will work for us. > > > > Standard caveat of course that it needs to be an Apache-compatible license > (no GPL or LGPL, for example). > > Google OAuth has an Apache licence; Scribe has it too. And I'm assuming Amber will have too. At the moment it appears Scribe or Google libs should do well; OAuth 1.0 can be split in well-defined phases and it seems the code which lives in those libs is very capable (main compexity - properly signing requests and forming OAuth requests). Perhaps some higher-level OAuth workflow library/code can be built as well eventually
cheers, Sergey Glen > -- > View this message in context: > http://old.nabble.com/-GSoC--OAUTH--OAuth-implementation-kick-off-tp28753099p28757558.html > Sent from the cxf-dev mailing list archive at Nabble.com. > >
