episode 15: unhosted OAuth


Michiel B. de Jong

Mar 28, 2013, 2:58:36 PM
to unho...@googlegroups.com
a bit delayed (sorry!), here is this week's handbook episode:
https://unhosted.org/adventures/15/Unhosted-web-apps-and-OAuth.html

Nick Jennings

Mar 29, 2013, 7:28:40 AM
to unho...@googlegroups.com
Hi Michiel, interesting article.

A question, isn't using the 5apps CORS Proxy, using a hosted service?

It prompts the discussion: what are the ideological & technical
differences between sockethub, the 5apps cors proxy, and a traditional
hosted service?

I'm interested to hear your thoughts, it seems kind of glazed over
(not addressed directly) in the article.

Michiel B. de Jong

Mar 29, 2013, 3:00:36 PM
to unho...@googlegroups.com
On 2013-03-29 12:28, Nick Jennings wrote:
> Hi Michiel, interesting article.
>
> A question, isn't using the 5apps CORS Proxy, using a hosted service?
>
> It prompts the discussion: what are the ideological & technical
> differences between sockethub, the 5apps cors proxy, and a traditional
> hosted service?
>
> I'm interested to hear your thoughts, it seems kind of glazed over
> (not addressed directly) in the article.

you're right, i should have discussed that in there. i'll add a
paragraph.

basically, i hadn't really thought about it much. i guess the right
thing to do would be to allow the user to specify a custom proxy to use,
and leave the 5apps one only as a default.

this could be either at runtime or at install time (we could add a
readme file to the app that explains how to choose your cors proxy by
editing the code).

technically, i would say the cors proxy functions as a simplified
alternative for a subset of sockethub's functionality. i'm in two minds
about whether for instance a freedombox should contain remoteStorage +
sockethub + a cors proxy, or just remoteStorage + sockethub. maybe if an
app already uses sockethub, then it should also use sockethub for
cors-proxying, but if it doesn't, then it makes sense maybe to use only
a cors-proxy that just requires prefixing the URL with an extra string.
but that means that a user who wants to control their data would have to
run 3 services instead of 2, so it's not ideal.

in practice, you are already trusting 5apps to not insert eavesdropping
code into the app, so it makes sense that they also host the proxy. but
then as we open-source the app, we should do it in such a way that a
user can host it themselves and use sockethub for the cors-proxy part.

does that make sense?
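
A sketch of the runtime option discussed above (a user-chosen CORS proxy, with the hosted one only as a default), as an added example that is not part of the thread or of the app's code. The default proxy URL is a placeholder, and the convention of appending the full target URL to the prefix is an assumption about the proxy.

```javascript
// Placeholder default, NOT the real 5apps endpoint (assumption for this example).
const DEFAULT_PROXY = 'https://cors-proxy.example/';

// Validate a user-supplied proxy prefix and return it normalised, or throw.
function normaliseProxyPrefix(input) {
  let url;
  try {
    url = new URL(input);
  } catch (e) {
    throw new Error('proxy prefix is not a valid URL');
  }
  // The proxy relays every request and response, so it must be reached over TLS.
  if (url.protocol !== 'https:') throw new Error('proxy must use https');
  // Credentials in the prefix would be stored and resent with every request.
  if (url.username || url.password) throw new Error('no credentials in proxy URL');
  if (url.search || url.hash) throw new Error('proxy prefix must not carry a query or fragment');
  const path = url.pathname.endsWith('/') ? url.pathname : url.pathname + '/';
  return url.origin + path;
}

// Use the user's proxy when one is configured, otherwise the default.
// An invalid setting throws instead of falling back, so traffic is never
// silently routed through a host the user tried to opt out of.
function chooseProxy(userSetting) {
  if (userSetting === undefined || userSetting === null || userSetting === '') {
    return { prefix: DEFAULT_PROXY, source: 'default' };
  }
  return { prefix: normaliseProxyPrefix(userSetting), source: 'user' };
}

// Build the URL the app actually fetches.
function proxiedUrl(target, userSetting) {
  const t = new URL(target);
  if (t.protocol !== 'https:' && t.protocol !== 'http:') {
    throw new Error('only http(s) targets can be proxied');
  }
  // Assumed convention: the full target URL is appended to the proxy prefix.
  return chooseProxy(userSetting).prefix + t.href;
}
```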

Nick Jennings

Mar 29, 2013, 3:22:05 PM
to unho...@googlegroups.com
Yeah, that pretty much sums up my thoughts as well.

A CORS proxy for sockethub is trivial to implement, though it would be
via a WebSocket, so a little different than the 5apps one. (It could
be done with a normal HTTP request, but it would veer from the
structure already in place, and I don't think that would be worth the
benefit)



