Technical Feedback
10 views
Skip to first unread message
szeto
Apr 13, 2010, 4:10:47 PM4/13/10
to xAuth
Hey guys,
Wanted to start a thread on technical feedback about the code you see
currently at http://dev.xauth.org.
Let us know what thoughts/questions you may have
Chris
Joseph Smarr
Apr 15, 2010, 11:58:48 PM4/15/10
to xa...@googlegroups.com
My main feedback is that I'm hoping we can shrink the size of the JS in both xauth.js and on the XAuth page, since those files will be the main source of latency for XAuth providers like Google. I realize you can get some savings when you minify the JS, but they both seem like they have extra functions and abstractions we can probably do without, no?
--
You received this message because you are subscribed to the xAuth group.
To post, send email to xa...@googlegroups.com
To unsubscribe from this group, send email to
xauth+un...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/xauth?hl=en
I'll also want to work with you guys on adding service-based interfaces to XAuth.extend and XAuth.retrieve (e.g. "are any domains in XAuth right now OpenID providers?") but we can do that after we do the initial launch (I'll send a proposed spec/code change when I have it a bit more polished).
Thanks, js
--
You received this message because you are subscribed to the xAuth group.
To post, send email to xa...@googlegroups.com
To unsubscribe from this group, send email to
xauth+un...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/xauth?hl=en
To unsubscribe, reply using "remove me" as the subject.
You received this message because you are subscribed to the xAuth group.
To post, send email to xa...@googlegroups.com
To unsubscribe from this group, send email to
xauth+un...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/xauth?hl=en
Allen Tom
Apr 16, 2010, 12:19:56 AM4/16/10
to xa...@googlegroups.com
On the technical front, my main concern is adding any latency to the Login flow. It seems that the only way to call Xauth.extend it to either add an interstitial page with the JS (not feasible), or to include the JS on every page on our site. Is there any other practical implementation?
On the administrative/political front, we still do not have a satisfactory answer as to who is going to run xauth.org domain. It seems that OIDF or OIX could be the answer. We’d definitely like some more clarity around this.
Allen
On the administrative/political front, we still do not have a satisfactory answer as to who is going to run xauth.org domain. It seems that OIDF or OIX could be the answer. We’d definitely like some more clarity around this.
Allen
On 4/15/10 8:58 PM, "Joseph Smarr" <jsm...@google.com> wrote:
My main feedback is that I'm hoping we can shrink the size of the JS in both xauth.js and on the XAuth page, since those files will be the main source of latency for XAuth providers like Google. I realize you can get some savings when you minify the JS, but they both seem like they have extra functions and abstractions we can probably do without, no?
I'll also want to work with you guys on adding service-based interfaces to XAuth.extend and XAuth.retrieve (e.g. "are any domains in XAuth right now OpenID providers?") but we can do that after we do the initial launch (I'll send a proposed spec/code change when I have it a bit more polished).
Thanks, js
On Tue, Apr 13, 2010 at 1:10 PM, szeto <sz...@meebo-inc.com> wrote:
Hey guys,
Wanted to start a thread on technical feedback about the code you see
currently at http://dev.xauth.org.
Let us know what thoughts/questions you may have
Chris
--
You received this message because you are subscribed to the xAuth group.
To post, send email to xa...@googlegroups.com
To unsubscribe from this group, send email to
For more options, visit this group at
http://groups.google.com/group/xauth?hl=en
To unsubscribe, reply using "remove me" as the subject.
Chris Messina
Apr 16, 2010, 8:12:40 PM4/16/10
to xa...@googlegroups.com
Once we have a clearer plan of action, including what we expect we'll need for technical infrastructure, yes, I would hope that the OIDF would run the server (we could accomplish this with a simple one-pager).
Eric has been in communication with Don and has suggested that Don is amenable to the idea.
Chris
--
Chris Messina
Open Web Advocate, Google
Personal: http://factoryjoe.com
Follow me on Buzz: http://buzz.google.com/chrismessina
...or Twitter: http://twitter.com/chrismessina
This email is: [ ] shareable [X] ask first [ ] private
Chris Messina
Open Web Advocate, Google
Personal: http://factoryjoe.com
Follow me on Buzz: http://buzz.google.com/chrismessina
...or Twitter: http://twitter.com/chrismessina
This email is: [ ] shareable [X] ask first [ ] private
Jian Shen
Apr 16, 2010, 8:53:34 PM4/16/10
to xa...@googlegroups.com
I totally agree on taking out the abstractions; that's next on the todo list.
-Jian
Joseph Smarr
Apr 16, 2010, 9:25:07 PM4/16/10
to xa...@googlegroups.com
Also, were you planning to allow XAuth.extend({ extend: "*", ...}) to let a provider say "any domain can see this", and if so, will it be ready by Monday? Right now I'm just extending to meebo and my own demo app, but clearly the intent is for any site to see that the user is logged in. Please advise...
Thanks, js
Joseph Smarr
Apr 16, 2010, 9:26:04 PM4/16/10
to xa...@googlegroups.com
To clarify, by "clearly the intent is..." I meant "since Google is just releasing the 'someone-is-logged-in' bit for now, our clear intention is that any site should be able to know that. :)
Jian Shen
Apr 16, 2010, 9:40:44 PM4/16/10
to xa...@googlegroups.com
Oh yeah, that's been implemented already.
You would specify an array with just one item ['*'] as the extend argument.
-Jian
Reply all
Reply to author
Forward
0 new messages