Maybe use CAS instead of OAuth? https://wiki.jasig.org/display/CASC/Pycas
On Tue, Oct 11, 2011 at 7:16 PM, Kayode Odeyemi <drey...@gmail.com> wrote: > On Thu, Oct 6, 2011 at 5:15 PM, Jeff Gaynor <jgay...@ncsa.illinois.edu> > wrote: >> >> On 10/06/2011 08:34 AM, Kayode Odeyemi wrote: >>> >>> Hello friends, >>> >>> I'm working on a pretty large application that I will like to use oauth2 >>> on as an authentication and authorization mechanism. >>> >>> I understand fairly the technology and I have written my own >>> implementation before I stumbled on python-oauth2. >>> >>> I need advise on leveraging python-oauth2 api for creating consumer key, >>> creating consumer secret, access token and token secret. >>> >> This works well, but be advised that the original python oauth library had >> some serious issues, so was redone as python-oauth2. What is confusing is >> that it refers to OAuth version 1.0a, not the upcoming OAuth version 2.0, so >> make sure you read the right spec before using it, since they are very >> different indeed. >> >> There are *no* usable OAuth version 2..0 implementation in any language >> (usually Java comes first) that I know of, so you will get to role your own, >> which is hard. There are a few beta-level versions E.g. Twitter) but these >> are special cased to the author's needs. The spec itself is not quite ready >> either and since it has changed quite substantially in the last year, I >> suspect that everyone is waiting to see it settle to a steady state. >> > Jeff, I'm in the middle of a big confusion here and will need your help. > > I will like to know, can the request be signed just once and for all > subsequent request made, I can use the stored nonce, signature method and > token? My kind of setup is such that, I want the client app to be registered > once, such that for every request to a resource, as long as the required > parameters are available in the header (which would have been gotten at the > initial request), access is granted. > > Is this a correct interpretation of Oauth? > > Thanks > > > > -- > Odeyemi 'Kayode O. > http://www.sinati.com. t: @charyorde > > > -- > http://mail.python.org/mailman/listinfo/python-list > > -- http://mail.python.org/mailman/listinfo/python-list