26rairden / oauth-signpost

Automatically exported from code.google.com/p/oauth-signpost
0 stars 0 forks source link

Add OAuth 1.0a support #7

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Signpost needs to be updated to reflect the changes imposed by OAuth Core
1.0a. The library must remain backwards compatible with 1.0 service providers.

Draft 3 of OAuth Core 1.0a spec:
http://oauth.googlecode.com/svn/spec/core/1.0a/drafts/3/

Seth Fitzsimmons was already so kind to contribute a patch which adds 1.0a
support:
http://github.com/mojodna/oauth-signpost/commit/0bc5a7bafc3c4829907d9c8033848bcc
e509a7af

What remains to do:

1) Patch trunk with Seth's changesets (or maybe open a branch for 1.0a?)
2) Write tests for 1.0a changes
3) Write tests that check whether Signpost works with both 1.0 and 1.0a
providers

Original issue reported on code.google.com by m.kaepp...@gmail.com on 5 Jun 2009 at 8:20

GoogleCodeExporter commented 9 years ago
These changes *should* be backward-compatible with providers implementing 1.0 
(it's assumed that they'll 
just ignore the additional parameters).  The presence of 
`oauth_callback_confirmed=true` when retrieving a 
request token determines whether the authorization URL will include the 
`oauth_callback`.

Sorry 'bout the lack of tests.  I was looking for quick and dirty ;-)  I'll try 
to avoid that in the future.

A quick summary of the changes in OAuth 1.0a is here:
http://mojodna.net/2009/05/20/an-idiots-guide-to-oauth-10a.html

(Since I wrote the patch, the post, and the Fire Eagle implementation, and 
sanity-checking the patch and the 
post probably makes sense. ;-)

Original comment by s...@mojodna.net on 5 Jun 2009 at 5:55

GoogleCodeExporter commented 9 years ago

Original comment by m.kaepp...@gmail.com on 18 Jun 2009 at 9:09

GoogleCodeExporter commented 9 years ago
This issue was closed by r47.

Original comment by m.kaepp...@gmail.com on 21 Jun 2009 at 11:42