On 9 Jan 2012, at 14:16, Minh Tien Hoang wrote: > Hi Ross, > There are 3 profiles described in oAuth specification which regulate the > authorization workflow differently: authorization code, implicit grant and > resource owner password credentials. Current wookie trunk supports "implicit > grant" workflow, for this workflow, we need to input 2 parameters: URL end > point of authorization server and client id. Right now, the URL endpoint is > specified in widget configuration file, client id is generated automatically > (equals to widget instance id). So the process of creating widget is: > * generate the widget with ant seed-widget > * add URL endpoint of oauth authorization server in configuration file > * when develop widget, use the function oAuth.authenticate() to begin > authentication process to obtain the access token. > * when ever access the OAuthed service, use the function oAuth.proxify(url) > to have a proxified with access token of destination url. > But please note that client registration protocol is not in the scope of > oAuth 2 specification so the implementation could be different depending on > the client registration protocol implemented at server side. > As I see in bufferapp.com, it is now supports authorization code workflow so > with current implementation, wookie doesn't support. But I recently know that > facebook supports implicit grant. So I will return lately with an example > widget and patch if necessary.
Thanks Tien - also if we can create a Facebook example widget using the oAuth feature that would make a fantastic starting point for developers wanting to use it. > Best, > Tien. > > Le 05 Jan 2012 à 22:52, Ross Gardler a écrit : > >> I'm a complete newbie with OAuth and I'm finding the OAuth feature in >> wookie hard to understand, we really need some documentation. >> >> Would it be possible for someone to document how to create a widget >> that will connect to an OAuthed service. I'm particularly interested >> in the BufferApp API [1] which is an OAuth 2 implementation. However, >> any form of documentation would be greatly appreciated. In return I >> will make sure the docs go on the web and (at some undefined point in >> the future) build it into the templates system. >> >> Ross >> >> [1] http://bufferapp.com/developers/api/oauth >> >> -- >> Ross Gardler (@rgardler) >> Programme Leader (Open Development) >> OpenDirective http://opendirective.com >
