[jira] Updated: (SHINDIG-897) Add 3-legged OAuth validation support for RESTful api

Mon, 09 Feb 2009 18:33:23 -0800 

     [ 
https://issues.apache.org/jira/browse/SHINDIG-897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Cassie Doll updated SHINDIG-897:
--------------------------------

    Attachment: alternativeOAuth.patch

I've attached an alternative implementation Jacky. Please have a look and then 
lets see how to combine our code. Differences in mine:

- I included the example OAuth servlet which turns Shindig into an actual oauth 
provider. (btw - i did not pull up the methods it uses in SampleOAuthDataStore 
to the interface because people shouldn't use the servlet without modifying it 
to fit their own container better)

- To me, the oauth library's java objects seem very bulky and unwieldy for 
simple things like data storage (like OAuthConsumer, OAuthAccessor etc) and 
have replaced all of that stuff with a simple OAuthEntry and a string map for 
consumer secrets. hopefully this will make things clearer for implementers of 
the library

- I combined the two OAuth services like you mentioned

- in practice, i'm not sure anyone ever needs anything besides the 
simpleoauthvalidator because they can implement any container specific auth 
checking within other calls... someone speak up if you do want to override the 
validator though. (i just think the validator apis are so hard to understand at 
a first glance that it's nice to execute them in common code)

Please let me know what you think!

> Add 3-legged OAuth validation support for RESTful api
> -----------------------------------------------------
>
>                 Key: SHINDIG-897
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-897
>             Project: Shindig
>          Issue Type: Improvement
>          Components: RESTful API (Java)
>            Reporter: Jacky Wang
>            Priority: Minor
>         Attachments: alternativeOAuth.patch, 
> supports-3-legged-oauth-validation.patch, 
> supports-3-legged-oauth-validation.patch
>
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> RESTful API now supports 2-legged OAuth, and we'd like to see it supports 
> validation for requests issued by 3-legged OAuth client.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to