Libraries are no cure for stupidity. On the client side, you make two simple HTTP requests. The facilities to make these requests should be available and easy to use. Parsing JSON responses should be part of any modern web platform. The part that might need more work is handling of refresh tokens, storing credentials, and setting up the redirection endpoint. But these tend to be to application specific for a library to offer much value (unless it is a highly specific environment).
My point is that OAuth 2.0 was explicitly designed to work without a library on the client side, and it would actually be better if people building web services using OAuth as a client understood what they are doing and how the protocol works. My entire Facebook OAuth login code in node.js is about 30 lines, and that includes all the event handlers for the HTTP client calls. It is actually shorter than my Twitter OAuth code which uses an OAuth 1.0 library. What does add tremendous value is offering a service-specific SDK. In that context, OAuth is just a tiny detail. EHL > -----Original Message----- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Marius Scurtescu > Sent: Friday, June 24, 2011 11:46 AM > To: Justin Richer > Cc: oauth WG > Subject: Re: [OAUTH-WG] Fwd: [oauth] Good list of OAuth open source? > > On Fri, Jun 24, 2011 at 11:11 AM, Justin Richer <jric...@mitre.org> wrote: > > To Eran: I really don't get your comment. Libraries are a very Good > > Thing and their use and development should be greatly encouraged by > > the OAuth community. The less that I have to write the Same Code As > > Last Time the better. > > +1 > > If you look at code that is not using a library you will notice that it is > full of > random validation, repeated all over the place. Also, you would be surprised > how many developers decide to parse JSON responses manually, just by > splitting on { : and , > > Marius > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
