Good tutorial. Looking for this kind one for a long time. Suppose we have a web site in which we will have some personal information. This site actually needs authentication for viewing this personal information. And we have a gadget to get this information. In this case, to get data from that server, we need to authenticate into that site. If this gadget needs to use oAuth, how can we get the authentication token? I think, we must have oAuth server installed on the website, which serves these tokens. But how it can verify the requests coming from different clients before giving away a token? What I mean to say is, before giving token, server should be able to identify the request (person who is sending that request), and has to generate a token for that person, which cannot be used to get some others personal information. How all this happens with oAuth?
On Fri, Jul 18, 2008 at 8:10 PM, Gonzalo Aune <[EMAIL PROTECTED]> wrote: > Basically, OAuth is used for authenticate a user to a domain (like your > user > in Gmail), but without the need to pass your secret information to the page > which is asking for that information (like Linkedin does with your Gmail > account). It uses authentication tokens to get the information. > > Extract from OAuth webpage: > > OAuth allows you to share your private resources (photos, videos, contact > list, bank accounts) stored on one site with another site without having to > hand out your username and password. There are many reasons why one should > not share their private credentials. Giving your email account password to > a > social network site so they can look up your friends is the same thing as > going to dinner and giving your ATM card and PIN code to the waiter when > it's time to pay. Any restaurant asking for your PIN code will go out of > business, but when it comes to the web, users put themselves at risk > sharing > the same private information. OAuth to the rescue. > > ..... > > OAuth addresses that by allowing users to hand out tokens instead. Each > token grants access to a specific site (a video editing site) for specific > resources (just videos from last weekend) and for a defined duration (the > next 2 hours). > > More detailed in: http://oauth.net/documentation/getting-started - > End-User > Benefits > > G.- > > On Fri, Jul 18, 2008 at 7:38 AM, ajay singh < > [EMAIL PROTECTED]> > wrote: > > > Hi > > > > Can anyone explain me in brief what is the use Oauth library in shindig. > > What it does and how it does? > > > > Thanks > > Ajay kumar Singh > > > > > > >
