oltu-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Łukasz Moreń <lukasz.mo...@gmail.com>
Subject Re: tidying-up the SVN space
Date Thu, 19 Jan 2012 21:02:04 GMT
I think OAuth 2.0 client has a good framework for message exchange with
OAuth server, so it could be base for OAuth 1.0a implementation.
However the most difficult thing is a requirement of cryptography in 1.0a,
this is one of the reasons why 2.0 spec came up.

I agree that would be good to have OAuth 1.0 in Amber (scribe e.g.), but
there are many widely used Java implementations already.
I am worried about its adoption. Just my three cents :)

Cheers, Lukasz

On Mon, Jan 16, 2012 at 4:25 PM, Simone Tripodi <simonetripodi@apache.org>wrote:

> Hola,
> The question I have is - and please take in consideration today I'm an
> outdated OAuth guy :) - : how hard is putting 1.0a support in current
> 2.0 client?
> TIA,
> Simo
>
> http://people.apache.org/~simonetripodi/
> http://simonetripodi.livejournal.com/
> http://twitter.com/simonetripodi
> http://www.99soft.org/
>
>
>
> On Mon, Jan 16, 2012 at 10:19 AM, Tommaso Teofili
> <tommaso.teofili@gmail.com> wrote:
> > 2012/1/14 Antonio Sanso <asanso@adobe.com>
> >
> >>
> >> On Jan 12, 2012, at 5:04 PM, Simone Tripodi wrote:
> >>
> >> > Ciao Antonio,
> >> >
> >> >>
> >> >> unless I am doing something wrong it looks like I still do not have
> any
> >> write/edit permission on the wiki.
> >> >>
> >> >
> >> > I am worried you'll have to contact INFRA[1]
> >> >
> >> >> If I am not completely wrong some major sites (e.g. twitter) are
> still
> >> using version 1.0a of the spec.
> >> >> For this reason, if we want to gather any crowd to use Amber it would
> >> be good to support at least client side also version 1.0a otherwise
> people
> >> would be oriented to use some other Java libraries (e.g. Scribe).
> >> >> The effort to do it for the client module should not be to huge, but
> >> there is obviously an overhead.
> >> >
> >> > That sounds a more than valid reason to implement 1.0a - can you make
> >> > a quick search to verify that please? TIA!
> >>
> >> Hi Simone, I can confirm Twitter is still using 1.0a .
> >> As a general consideration I also think that there are much more users
> >> interested to the client part than the one interested to the server part
> >> (like me :)).
> >>
> >
> > I agree that the client is an important part so I agree on the 1.0a
> > implementation.
> >
> >
> >> For this reason we could even think about a two phase release (first one
> >> we focus on the client/common modules) and second we focus on everything
> >> else.
> >>
> >
> > I think the best way of doing that is putting down a quick roadmap of
> > things to be done so that we can prioritize tasks and, eventually, split
> > those items in different phases.
> > BTW we are in the Incubator for a long time now so it'd be good to
> include
> > also a release / graduation plan.
> >
> >
> >> I hope you agree than one of our goal is to be mentioned here [0]and
> here
> >> [1] in order to increase the project exposure.
> >>
> >> WDYT?
> >>
> >
> > +1
> >
> > Tommaso
> >
> >
> >
> >>
> >> Regards
> >>
> >> Antonio
> >>
> >> [0] http://oauth.net/code/
> >> [1] http://oauth.net/2/
> >>
> >>
> >> >
> >> > I would propose to add that implementation in the current 2.0 impl,
> >> > rather than continue developing old stuff...
> >> >
> >> > best,
> >> > -Simo
> >> >
> >> > [1] https://issues.apache.org/jira/browse/INFRA
> >> >
> >> > http://people.apache.org/~simonetripodi/
> >> > http://simonetripodi.livejournal.com/
> >> > http://twitter.com/simonetripodi
> >> > http://www.99soft.org/
> >>
> >>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message