Re: [Snowy] OAuth in Snowy
- From: Rodrigo Moya <rodrigo gnome-db org>
- To: Sandy Armstrong <sanfordarmstrong gmail com>
- Cc: snowy-list gnome org
- Subject: Re: [Snowy] OAuth in Snowy
- Date: Thu, 25 Jun 2009 15:55:03 +0200
On Thu, 2009-06-25 at 05:31 -0700, Sandy Armstrong wrote:
> On Thu, Jun 25, 2009 at 4:46 AM, Brad Taylor<brad getcoded net> wrote:
> > Hey Sandy,
> >> Well, that won't really work unless you always use PLAINTEXT, as the
> >> consumer secret is part of the signature key and should be a known
> >> entity.
> >> However, per the OAuth spec:
> >> "The Consumer Secret MAY be an empty string (for example when no
> >> Consumer verification is needed, or when verification is achieved
> >> through other means such as RSA)."
> >> Maybe that's the best approach.
> >> Do we know if django-piston supports automatically adding new consumer
> >> keys that appear in requests? Probably not...we should probably
> >> implement that part ourselves.
> > Have you guys sorted this secrets issue out yet? Also, have you had a
> > chance to work on the Tomboy component of the OAuth support? I wonder
> > if we can make piston support both HTTP and OAuth for the time being so
> > we can get this patch committed.
> Well, since Piston doesn't seem to support empty secrets, we'll
> probably just make an "everybody" secret as Stuart suggests.
> I worked on Tomboy/OAuth a bit the other day, and it is coming along.
> I think I just need about half a day to finish it up.
if there's anything I can do to help you (given I know almost nothing
about OAuth), please let me know.
Rodrigo Moya <rodrigo gnome-db org>
] [Thread Prev