Oauth store
4 views
Skip to first unread message
Sébastien
Apr 1, 2009, 1:00:50 AM4/1/09
to CloudKit
Hi,
I am interested in using CloudKit for a small project and I would like
to use OAuth to secure the access to it. Where does one create or
specify the set of consumer_keys/consumer_secrets and store as well
the oauth_token that are then generated and allowed for subsequent
request? I could not find any documentation anywhere.
Thank you in advance!
Sébastien
I am interested in using CloudKit for a small project and I would like
to use OAuth to secure the access to it. Where does one create or
specify the set of consumer_keys/consumer_secrets and store as well
the oauth_token that are then generated and allowed for subsequent
request? I could not find any documentation anywhere.
Thank you in advance!
Sébastien
Jon Crosby
Apr 2, 2009, 10:52:52 AM4/2/09
to clou...@googlegroups.com
On Tue, Mar 31, 2009 at 10:00 PM, Sébastien <arna...@gmail.com> wrote:
>
> Hi,
>
> I am interested in using CloudKit for a small project and I would like
> to use OAuth to secure the access to it. Where does one create or
> specify the set of consumer_keys/consumer_secrets and store
At the moment, CloudKit only supports static consumer allocation (from
>
> Hi,
>
> I am interested in using CloudKit for a small project and I would like
> to use OAuth to secure the access to it. Where does one create or
> specify the set of consumer_keys/consumer_secrets and store
the OAuth Discovery spec). Static allocation means that no out-of-band
registration of a consumer is necessary. The default/static consumer
is advertised in CloudKit's OAuth Descriptor which you can access by
hitting "/oauth" while the filter is running. The default consumer key
is simply "cloudkitconsumer" and the consumer secret is blank. To
define your own consumer key/secret pairs that are unique to each of
your consumers along with a flow for registering these consumers, more
work is required within CloudKit. If you're interested in this
feature, I would be happy to start work on it today.
Prior to this work being completed, you could create your own
registration form and then store the values in the main CloudKit store
as "/cloudkit_oauth_consumers/yourkeyname" with a JSON structure of
{'secret':'yoursecret'}. CloudKit will look this up and verify it for
any request.
> as well
> the oauth_token that are then generated and allowed for subsequent
> request?
The endpoints for obtaining and authorizing these tokens are listed in
the descriptor mentioned above, at "/oauth". The storage locations are
cloudkit_oauth_request_tokens and cloudkit_oauth_tokens. Used nonces
are stored at cloudkit_oauth_nonces.
> I could not find any documentation anywhere.
and will put it on the main site as soon as it is ready. Thanks for
sharing your question with the list; hopefully others with the same
question will be able to find this information prior to a full
tutorial being released.
-Jon
Reply all
Reply to author
Forward
0 new messages