[
https://issues.apache.org/jira/browse/SHINDIG-897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12674541#action_12674541
]
Paul Lindner commented on SHINDIG-897:
--------------------------------------
Thanks Jacky -- Glad to have your thoughtful work going in on this.
I've round tripped this through the hi5 implementation at
http://sandbox.hi5.com and it seems like we're on the right track. The
OAuthData model is a good fit to the data model we already have for
applications, so consumer mapping was pretty easy. Storing tokens in memcache
was also easy. A couple of ideas:
* Make OAuthEntry a full bean. This would allow it to be used more easily in
JSP context.
* Add a method to get the absolute expiration time of a token/OAuthEntry --
this makes it easier when storing tokens in a cache (like Memcache)
* Consider replacing the ConcurrentHashMap in SampleOAuthData with an instance
of ehCache so that we can test tokens expiring from the data store.
* Consider standardizing on some property fields in the OAuthConsumer based on
metadata in the App XML. description, icon, and thumbnail come to mind.
I'd be happy to help get these done.
Cheers.
Paul
> Add 3-legged OAuth validation support for RESTful api
> -----------------------------------------------------
>
> Key: SHINDIG-897
> URL: https://issues.apache.org/jira/browse/SHINDIG-897
> Project: Shindig
> Issue Type: Improvement
> Components: Java
> Reporter: Jacky Wang
> Priority: Minor
> Attachments: alternativeOAuth.patch,
> supports-3-legged-oauth-validation.patch,
> supports-3-legged-oauth-validation.patch
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> RESTful API now supports 2-legged OAuth, and we'd like to see it supports
> validation for requests issued by 3-legged OAuth client.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
