I've been using UserVoice, which has something similar:
http://developer.uservoice.com/docs/single-sign-on-how-to
Basically what you have is this:
api key
account key
then you construct a login (from an authenticated player) with:
player id
player name
expiration date
etc.
Then you encrypt this whole package and send it back to UserVoice
whenever they want to leave feedback so that they are authenticated
through our app and UserVoice uses those credentials.
What I was thinking was something like this:
- User logs in using iPhone
- It sends auth request
- app returns an auth key
- iPhone constructs requests and sends them in the JSON object
(probably encrypted like the above) for the server to decrypt
What I'm curious is:
a) has someone already written some lib like this
b) if not would this be a valuable plugin for other grails devs to use
Thanks!
-warner
--
You received this message because you are subscribed to the Google Groups "Grails Startup Support Group" group.
To post to this group, send email to grails-startup...@googlegroups.com.
To unsubscribe from this group, send email to grails-startup-suppo...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/grails-startup-support-group?hl=en.
Yes, I was more interested in the idea of using tokens to authenticate
so that authentication could happen once (or weekly) rather than
trying to authenticate each time.
> I'm currently using basic auth (over HTTPS), but it'd be better to use OAuth
> (2.0). Unfortunately, I don't think there are any plugins for Grails yet.
> I think there's the start of one here:
> https://github.com/grails-plugins/grails-spring-security-oauth-provider
> Finishing the Grails plugin might end up being pretty easy since there's
> already a Spring Security module for OAuth 2.0:
> http://static.springsource.org/spring-security/oauth/oauth2.html
> To answer your question, yes, it'd be *very* valuable to have a nice OAuth
> 2.0 (Provider) plugin. I'd be happy to work a bit on that (I need it
> myself), though I'm not quite sure where to start yet.
Cool! Will have a look at those in the next few weeks. Thank you for
the links they should be helpful.
-warner