[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OAuth2 implementation in Elisp
From: |
Ted Zlatanov |
Subject: |
Re: OAuth2 implementation in Elisp |
Date: |
Mon, 26 Sep 2011 12:00:23 -0500 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) |
On Mon, 26 Sep 2011 17:04:18 +0200 Julien Danjou <address@hidden> wrote:
JD> On Mon, Sep 26 2011, Ted Zlatanov wrote:
>> I hope I don't have to know how to implement OAuth2 in order to
>> understand your answer to that question.
JD> No. But you have to understand how it works and how to use it at least,
JD> so your questions would make sense. Right now you are just proving you
JD> know nothing about OAuth 2 and that you don't trust my judgement on
JD> implementing things.
That's a stretch based on my questions, especially the latter part.
JD> Which could put me in a bad mood.
Sorry to hear that. I am interested in a) using this code myself, and
b) making sure users don't send me questions like "what do I do now?
Emacs is asking me to enter some code." From my viewpoint what you
posted will not help with (b). Upsetting you was not intended.
JD> Now, I'll explain why we can't make Emacs act like a Web apps to you.
JD> When the client is a native client (like Emacs), the user is sent to an
JD> URL where the OAuth provider prints the following:
JD> "The application $REGISTERED-APPLICATION-NAME is trying to access your
JD> data in $THIS-WAY. Is this OK?
JD> [YES] [NO]"
JD> If the user clicks yes, an authorization code is printed, the user give
JD> it to Emacs, and Emacs can obtain an access token from the OAuth
JD> provider to access the user data. Point.
JD> If the client is a Web application, the user is sent to the same URL,
JD> but when clicking [YES], no code are printed: instead the user is
JD> redirected by to the Web application.
This is what I saw in the IETF draft. It is the better workflow.
Asking users to retype visible strings in Emacs is... unusual for an API.
Why can't Emacs pretend to be a Web application? Is it somehow less
capable than other web browsers?
Thanks
Ted
- Re: OAuth2 implementation in Elisp, (continued)
- Re: OAuth2 implementation in Elisp, Tassilo Horn, 2011/09/26
- Re: OAuth2 implementation in Elisp, Lars Magne Ingebrigtsen, 2011/09/26
- Re: OAuth2 implementation in Elisp, Tassilo Horn, 2011/09/26
- Re: OAuth2 implementation in Elisp, Lars Magne Ingebrigtsen, 2011/09/26
- Re: OAuth2 implementation in Elisp, Ted Zlatanov, 2011/09/26
- Re: OAuth2 implementation in Elisp, Julien Danjou, 2011/09/27
- Re: OAuth2 implementation in Elisp, joakim, 2011/09/27
- Re: OAuth2 implementation in Elisp, Ted Zlatanov, 2011/09/27
- Re: OAuth2 implementation in Elisp, joakim, 2011/09/27
- Re: OAuth2 implementation in Elisp, Ted Zlatanov, 2011/09/27
- Re: OAuth2 implementation in Elisp,
Ted Zlatanov <=
- Re: OAuth2 implementation in Elisp, Vijay Lakshminarayanan, 2011/09/27
- Re: OAuth2 implementation in Elisp, Ted Zlatanov, 2011/09/26
- Re: OAuth2 implementation in Elisp, Ted Zlatanov, 2011/09/27
- Re: OAuth2 implementation in Elisp, Julien Danjou, 2011/09/27
- Re: OAuth2 implementation in Elisp, Ted Zlatanov, 2011/09/27
- Re: OAuth2 implementation in Elisp, Deniz Dogan, 2011/09/25
Re: OAuth2 implementation in Elisp, Stefan Monnier, 2011/09/23