incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Klo <jim....@sri.com>
Subject Re: OAuth via _users db
Date Fri, 17 May 2013 16:38:50 GMT
We use it in the same manner…  I'm not sure I understand the benefit of using secrets stored
in the ini file vs stored in the user document in _users?  We don't do 3-legged but do use
it in conjunction with BrowserID… We use BrowserID for developers to create an account and
generate the OAuth secrets to be used with our API and replication. Effectively we are doing
2-legged OAuth.

- JK

Jim Klo
Senior Software Engineer
Center for Software Engineering
SRI International
t.	@nsomnac

On May 17, 2013, at 9:16 AM, Martin Higham <martin@ocasta.co.uk>
 wrote:

> We use OAuth with our apps. The only part that is dynamic is the creation
> and sharing of the personal tokens. We dont need full 3 legged auth as we
> control the ecosystem and embed the pre-generated consumer keys in the app.
> 
> There is no way that I know of to combine _user & .ini pairs and I'm not
> sure why you'd want to.
> 
> Martin
> 
> 
> On 16 May 2013 23:21, Jan Krems <jan.krems@gmail.com> wrote:
> 
>> Hi,
>> I'm currently looking into exposing a couchapp to automated clients and I
>> would like to use OAuth so that the clients can cleanly operate in the name
>> of a given user. Do I see it correctly that there is still no support for
>> 3-legged OAuth? Is there a way to combine token/tokenSecret-pairs from
>> _users with configured consumer/consumerSecret-pairs from local.ini? Is
>> anyone really using OAuth with CouchDB and dynamic (run-time) configuration?
>> 
>> -Jan
>> 
>> 


Mime
View raw message