Hi. I'm developing an API through *web2py* framework and I would like to use the OAuth2 protocol to authenticate the user/app. I've seen some links ( http://hiidef.github.com/oauth2app/ and http://blog.savored.com/2011/10/14/oauth-server-authentication-in-pythondjango/) and I'm planning to develop something like that, but for *web2py*. Do you have interest in have OAuth2 on the core of the framework? It could be interesting and since I'll develop the solution, I could share it for everyone.
Best regards, João On Tuesday, May 29, 2012 3:39:06 AM UTC+1, Massimo Di Pierro wrote: > > Theoretically yes. In fact I may even have somewhere a Oauth 1.0 server. > > The problem is that the Oauth 2.0 specs are very poor. They specify how a > the client asks the server if a user is authenticated but do not say > anything about what information the server should provide to the client > (user name? email?). This means a client written for one server will only > work with that server and vice versa. The facebook Oath 2.0 follows its own > rules. You can build a client that works with it. You can build a server > that mimics them but there is very little in the Oauth 2.0 spects that > tells you how to. Moreover your app is unlikely to provide the same > services as facebook and therefore clients written for facebook will not > work for it. > > I would stay away from Oauth 2.0 unless you need it as a client to > authenticate to third party services. > > Massimo > > On Monday, 28 May 2012 20:25:52 UTC-5, Horus wrote: >> >> I have seen that web2py supports integration with Facebook + Twitter. >> What if I want to create my own OAuth2 Server like what is offered by >> Facebook and Twitter? >> Is this possible with Web2Py? > > --
