Re: Online Accounts panel for 3.2

From: David Zeuthen <zeuthen gmail com>
To: Will Thompson <will thompson collabora co uk>
Cc: desktop-devel-list gnome org
Subject: Re: Online Accounts panel for 3.2
Date: Tue, 17 May 2011 10:27:04 -0400

Hi,

On Tue, May 17, 2011 at 9:39 AM, David Zeuthen <zeuthen gmail com> wrote:
> OTOH, if calculating the SASL response involves e.g. private API keys
> like it does for calculating the IMAP SASL response, see
>
>  http://code.google.com/apis/gmail/oauth/protocol.html
>
> then... then I think GOA _will have_ to contain D-Bus API for doing
> this.. because.. we might not want to add API for people to get the
> consumer private key because that precludes us from supporting
> services where the API key has to be kept a secret. I don't know. Then
> again, such TOS are more or less incompatible with free software so
> I'm not losing sleep if some downstream can't easily support them. I
> don't know. Can of worms.

Actually, sorry, I'm smoking crack here - the OAuth Consumer Secret is
of course needed for regular OAuth HTTP requests so we _will_ need to
expose the OAuth Consumer Secret in our APIs. Note that OAuth 2.0 and
bearer tokens just makes a lot of these things a lot easier since it
assumes a secure transport instead of allowing providers to use
insecure transports.

Cheers,
David

References:
- Re: Online Accounts panel for 3.2
  - From: David Zeuthen
- Re: Online Accounts panel for 3.2
  - From: Will Thompson
- Re: Online Accounts panel for 3.2
  - From: David Zeuthen
- Re: Online Accounts panel for 3.2
  - From: Will Thompson
- Re: Online Accounts panel for 3.2
  - From: David Zeuthen
- Re: Online Accounts panel for 3.2
  - From: Will Thompson
- Re: Online Accounts panel for 3.2
  - From: David Zeuthen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]