2-legged OAuth authentication
David Gouldin
OAuth authentication for my api. However, it appears that the
included OAuth library assumes a 3-legged model (requiring an OAuth
token to be present). From poking around, it looks like it would be
relatively simple to add a 2-legged option. I'd like to propose that
addition of a verify_two_legged_request in oauth.py much like
verify_request but only returning consumer and parameters, thus
alleviating the need for a token in the verification process.
Thoughts/ideas?
jathan.
Clone it, commit your changes, and then submit a pull request to the
jespern's django-piston repo. :)
> --
> You received this message because you are subscribed to the Google Groups "django-piston" group.
> To post to this group, send email to django...@googlegroups.com.
> To unsubscribe from this group, send email to django-pisto...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/django-piston?hl=en.
>
>
--
Jathan.
-
jespern
be much, much better than the version I've bundled.
It's been on my todo to replace ours for some time now, but I never
got around to it, and kind of hoped someone else would.
So if you're up for the task, I'd look at that. If not, you can make
your changes in piston as it is now, and I'll gladly merge your
changes in.
Jesper
[1]: http://github.com/simplegeo/python-oauth2
David Gouldin
http://bitbucket.org/jezdez/django-piston-python-oauth2/
I haven't looked at it in depth, just remembrer seeing it in passing.
If that's of no help, I'm certainly willing to give it a shot as I've
been pretty happy with the python-oauth2 library and would like to
continue using it in django-piston.
Jannis Leidel
Am 16.02.2010 um 21:41 schrieb David Gouldin:
> Looks like this might have been attempted some months ago (?)
>
> http://bitbucket.org/jezdez/django-piston-python-oauth2/
>
> I haven't looked at it in depth, just remembrer seeing it in passing.
> If that's of no help, I'm certainly willing to give it a shot as I've
> been pretty happy with the python-oauth2 library and would like to
> continue using it in django-piston.
Oh, that's a stub from when I tried to add RSA-SHA1 support to Piston. But python-oauth2 turned out to have lost the DataStore API [1] which is used by Piston, so I gave up after a little while and went another direction.
Jannis
1: http://github.com/simplegeo/python-oauth2/commit/143fb346521f07e20c0cb93073dbb6cfeab6fe43
David Larlet
Le 17 févr. 2010 à 00:13, Jannis Leidel a écrit :
>
> Am 16.02.2010 um 21:41 schrieb David Gouldin:
>
>> Looks like this might have been attempted some months ago (?)
>>
>> http://bitbucket.org/jezdez/django-piston-python-oauth2/
>>
>> I haven't looked at it in depth, just remembrer seeing it in passing.
>> If that's of no help, I'm certainly willing to give it a shot as I've
>> been pretty happy with the python-oauth2 library and would like to
>> continue using it in django-piston.
>
> Oh, that's a stub from when I tried to add RSA-SHA1 support to Piston. But python-oauth2 turned out to have lost the DataStore API [1] which is used by Piston, so I gave up after a little while and went another direction.
>
> Jannis
>
> 1: http://github.com/simplegeo/python-oauth2/commit/143fb346521f07e20c0cb93073dbb6cfeab6fe43
That's maybe the right time to define django-oauth as a dependency of piston [1] in order to avoid doing the switching work from oauth to oauth2 twice. It will avoid collisions too on syncdb [2]. I did the work to merge 1.0a stuff 5 months ago [3] and fix a lot of bugs since then, even critical ones [4] without reporting them to piston (my bad).
Thoughts?
David
[1] http://bitbucket.org/jespern/django-piston/issue/66/oauth-10a-support
[2] http://bitbucket.org/david/django-oauth/issue/3/collision-with-django-piston-on-syncdb
[3] http://bitbucket.org/david/django-oauth/overview/
[4] http://bitbucket.org/david/django-oauth/changeset/4ec55f467733/