Re: [snap] snaplet-oauth2: Request for feedback

[MightyByte]

I don't know much about OAuth, so I can't comment on those details, but what you've got so far is looking good to me.  It will be nice to have this in the Snap ecosystem.

On Tue, May 7, 2013 at 5:25 AM, Oliver Charles <ol...@ocharles.org.uk> wrote:

Hello!

For the last few months I've been working on-and-off on an OAuth 2 Snaplet. This Snaplet should enable people to add OAuth authentication to their application, without having to worry about how it all works. I've got the bulk of the work done, and I'm looking for some feedback on what I've done so far. There are two things that I would like people to have a browse through:

• A literate Haskell example of adding OAuth
• The Snap.Snaplet.OAuth2 API documentation

So far this is a fairly "minimal" library, and it does require work on the part of the application developer to add OAuth. In particular, you have to write a few handlers. I plan in the future to provide Heist splices or something to help ease writing these, along with support for Snap's stock authentication - but in the spirit of releasing often and early I will omit this work from the initial release.

In terms of remaining work until I do an initial release I want to:

• Provide a PostgreSQL backend
• Add support for refreshing access tokens
• Write a rudimentary test suite.
  

I look forward to hearing your thoughts!

- ocharles

--
 
---
You received this message because you are subscribed to the Google Groups "Snap Framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to snap_framewor...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Renzo Carbonara]

On Tue, May 7, 2013 at 6:25 AM, Oliver Charles <ol...@ocharles.org.uk> wrote:
> For the last few months I've been working on-and-off on an OAuth 2 Snaplet.
> This Snaplet should enable people to add OAuth authentication to their
> application, without having to worry about how it all works. I've got the
> bulk of the work done, and I'm looking for some feedback on what I've done
> so far. There are two things that I would like people to have a browse
> through:
>
> A literate Haskell example of adding OAuth
> The Snap.Snaplet.OAuth2 API documentation

This is good! Thanks for the big effort! I'm not an OAuth2 expert, but
still, I found the example quite easy to follow.

> So far this is a fairly "minimal" library, and it does require work on the
> part of the application developer to add OAuth. In particular, you have to
> write a few handlers. I plan in the future to provide Heist splices or
> something to help ease writing these, along with support for Snap's stock
> authentication - but in the spirit of releasing often and early I will omit
> this work from the initial release.

Sounds like a good plan.

> In terms of remaining work until I do an initial release I want to:
>
> Provide a PostgreSQL backend

Consider putting the PostgreSQL backend in its own package, so that
you snaplet-oauth2 doesn't incur a dependency on PostgreSQL for those
that won't be using that backend.


Regards,

Renzo Carbonara.

[Oliver Charles]

On 05/08/2013 10:23 PM, Renzo Carbonara wrote:
>> In terms of remaining work until I do an initial release I want to:
>>
>> Provide a PostgreSQL backend
> Consider putting the PostgreSQL backend in its own package, so that
> you snaplet-oauth2 doesn't incur a dependency on PostgreSQL for those
> that won't be using that backend.

Yep, that's the plan - snaplet-oauth2-postgresql, or something.

- ocharles