On 5 March 2012 15:35, Franklin, Matthew B. <[email protected]> wrote:
> >-----Original Message----- > >From: Jasha Joachimsthal [mailto:[email protected]] > >Sent: Friday, March 02, 2012 12:07 PM > >To: [email protected] > >Subject: Managing OAuth tokens (RAVE-500) > > > >For (3-legged) OAuth the consumer key and secret need to be stored inside > >the database. At the moment it can only be done by hand, but that should > be > >moved to some admin interface. Our admin interface is a part of the > portal, > >but the OAuth model, service and repository is a part of Rave-Shindig. > >If we move o.a.r.gadgets.oauth.model/repository/service to rave-core > should > >it remain in its current package? > > I think that the consumer key & secret need to be read & writable from > core Rave; but, the majority of the functionality you built for managing > the authorization tokens etc IMHO doesn't belong in Rave. Thoughts? > The OAuth keys & secrets are not a part of the portal, so they should be managed by Rave-Shindig, but we don't have a manage UI for Shindig. We could create a REST interface to manage the keys & secrets, but only the portal knows if someone has the admin privileges to actually manage them. > > > > >Jasha Joachimsthal > > > >Europe - Amsterdam - Oosteinde 11, 1017 WT Amsterdam - +31(0)20 522 4466 > >US - Boston - 1 Broadway, Cambridge, MA 02142 - +1 877 414 4776 (toll > free) > > > >www.onehippo.com >
