Abstract OAuth authentication process

[ghost]

Currently, before a client can use the user info endpoints (history and profile) they must go through a three step authentication with uber (https://developer.uber.com/v1/auth/#oauth-2-0) which results in them receiving an access token which they use to access these endpoints.

This issue is to figure out a way to abstract/hide this from the client, maybe by changing some construction parameters and authentication logic being handled in the construction.

[ghost]

Not sure if this is possible to do on our end since we need the end-user to login via uber. What do you guys think? @r-medina @sjkaliski

[sjkaliski]

In my opinion there are three options:

1. Leave it up to the user.
2. Take OAuth configuration as an argument when creating a client. See https://github.com/kurrik/twittergo, https://github.com/ChimeraCoder/anaconda)
3. Inject http routes in a similar way that net/http/pprof does (you can even use an "_" import).

I'm leaning towards the second option. Seems to be pretty standard across other api wrappers. https://github.com/garyburd/go-oauth is a good starting point.

[ghost]

Sounds good. What do you mean by taking the oauth configuration as an argument. Are you referring to the access_token (in which case the process is not abstracted) or something else?

[r-medina]

https://github.com/ChimeraCoder/anaconda/blob/47bdd6d45c8e335a34a5f4b94cd4ffbe1c172621/twitter.go#L60-L64

[r-medina]

@asubiott wanna knock this out sunday?

[r-medina]

https://github.com/r-medina/go-uber/pull/17