I know termie has commit-rights for the php library..
I haven't the most of time - but if someone where to give my commit-
rights,
I could review and commit some of the patches as they come in..
-fangel (who was prev. posting from his gmail-account, now his private)
On Nov 25, 2008, at 7:52 AM,
Hi Chris
I have previously volunteered to sieve through the patches, as well as
contribute with some as well..
The last time I created a few patches (looong time ago now) some got
accepted by termie, but not all
because there wasn't a place to discuss why all the changes I made,
were made..
Awesome.. Maybe you could help me out with commit-rights to /code/php
too..
-fangel
On Jan 15, 2009, at 9:39 AM, Chris Messina wrote:
>
> Done!
>
> http://groups.google.com/group/oauth-php/
>
> Chris
>
> On Thu, Jan 15, 2009 at 12:23 AM, Morten Fangel
> w
evengoslings.net/~fangel/oauth-explorer/oauth-explorer.zip
If you guys feel it's a better demo/example of the JS library, I
will gladly put it into the repo..
Regards
Morten Fangel
[0] http://googlecodesamples.com/oauth_playground/
--~--~-~--~~~---~--~~
You re
Hi Razak
I too just found a bug in percentEncode that made Safari create
invalid signatures on certain inputs. I have made a issue and a
patch, you can see if the patch makes it work in IE as well as
Safari..
(Or is the IE broken worse than just this issue?)
http://code.google.com/p/oauth/issues
The main thing holding back a php4 backport is the use of Exceptions..
Currently the php-library (as well as the oauth-php library iirc) uses
Exceptions when somethings goes wrong, or a parameter is missing or
similar..
So you would need to rewrite all functions throwing exceptions to
retu
You can try and look at the example code in
http://oauth.googlecode.com/svn/code/php/example/
I've been wanting to write a how-to on consumer implementation, and it
might as well be this weekend I do..
So, look at the examples and/or wait a few days till I've written a
proper how-to..
Regard
rvice provider.
>
> I had a look at the librarys, but looks a bit fuzzy to me.
> It looks like I can't use it directly without modifications.
> I have to customize the library to make it work on our own server,
> is it correct?
>
> Thanks and regards
> Grace
> On Fri
Hi Robin
Right - forgot about that case..
Basically what you're doing is turning $param['key1']['key2']..
['keyN'] into $param['key1[key2]..[keyN]] - is that correctly
understood?
In that case, wouldn't it be easier to just always apply this to all
of $params earlier on, seeing how it would
It should be noted that it won't continue to be able to set the
Authorization-header via JavaScript, so JS-clients will not be able to
support Authorization-headers in the future..
See the Editors Draft for reference (bullet point #5)
http://dev.w3.org/2006/webapi/XMLHttpRequest/Overview.html#
As it says on the comments on the SimpleOAuthDataStore:
/* A very naive dbm-based oauth storage
*/
Nevertheless you are completely right in your assessment..
I don't know of anyone actually using that sample
implementation, and if no one disagrees I will move
SimpleOAuthDataStore to a sepera
I was say that 'oob' would mean that the new auth.-flow, which means
that any callback received on the authentication-page would be
ignored..
A non-'oob'/non-url/non-existing callback received in the request-token
step means the usual flow, which means that callbacks received on the
auth.-page sh
As I stated elsewhere, I think it's easily possible to "auto-detect"
revision A without modified version-parameter, so I would go
for option 1.
I wouldn't oppose to option 3 either. We should either keep in line
with the "version is for the signature method, not the flow"-rule
(option 1) or bump
In short: OAuth and OpenID exists to cater to two different needs.
OpenID is authentication (verify that your login is correct)
OAuth is authorization (ensure you have the right to a protected
resource)
So OpenID is something you can use as a alternative to having user
+password stored for ea
I'll see if I can get time to whip a Rev A, PHP Service-Provider in
the weekend, if you can wait that long..
(And wasn't the Rev A edition of the spec more or less supposed to be
public now?
http://oauth.net/documentation/spec still only lists 1.0)
-Morten
On Jun 2, 2009, at 1:59 PM, robin
matured to it's own subdomain yet because I have a few features
I would like to add first when I get the time / motivation to do so..
It's located at:
http://sevengoslings.net/~fangel/oauth-explorer/
(Note it uses OOB callbacks and prompts for verifier code before
trying to fetch the
ll options for verifier codes? If the Request Token is requested with
an OOB callback, the verifier will usually be sort so people don't have
to manually enter a long string.
Regards
Morten Fangel
On Jun 7, 2009, at 7:17 AM, Eran Hammer-Lahav wrote:
> It means that once an Access Token
Hi David
What language are we talking here? Each library's API are kinda unique,
so if you're looking for help doing your implementation you need one
that
knows the specific languages library.
(And if you're just looking for some quick intro on OAuth myself and a
few
others are in IRC (#oaut
n Jun 7, 2009, at 10:07 AM, Morten Fangel wrote:
>
>>
>> Hi David
>>
>> What language are we talking here? Each library's API are kinda
>> unique,
>> so if you're looking for help doing your implementation you need one
>> that
>> knows
Hi Mandakini,
You want examples on how to to 2-legged consumers or 2-legged
service providers in PHP?
Currently 2-legged service-providers aren't supported (but easily
added by extending OAuthServer).
2-legged consumers would just be your standard consumer where
you pass in a blank access token a
I'll try to do my best to explain it.
With callbacks there is, from a users perspective, no difference. After
the user authorizes the app, the user is sent back to the consumer
like
http://consumer/post_authorize?oauth_token=x&oauth_verifier=y
The consumer then makes a background-call to change t
Hi,
I did some of the most recent patches on the
http://oauth.googlecode.com/svn/code/php/
library.. And speaking of two-legged and rev. a. - I actually have
done work on those, I just haven't had time to finish up on the work
(but they are running on the OAuth Sandbox which can be found a
ds,
>>
>>>> Camilo Usuga
>>
>>>> On 10 nov, 16:56, Jeff Hodsdon wrote:
>>>>> There is also a PEAR library,http://pear.php.net/package/HTTP_OAuth
>>>>> ,
>>>>> which has classes for being a provider.
>>
>>
/411-Writing-A-Simple-Twitter-Cl
>>>>> ...
>>
>>>>> Also recently came across this twitter impl. also on github
>>
>>>>> http://github.com/abraham/twitteroauth
>>
>>>>>> As far as i know it's ready with the OAuth Core 1.0 R
I have run the RSA-SHA1 tests as part of the unit test for the php
library.. They do indeed compute correctly to the values listed..
(I only test on the SBS compute up to the signature listed, the tests
doesn't build the SBS for themselves, but the building of SBS is
thoroughly tested elsewh
e without
checking. Does anyone have any objections? Especially if you, Termie, is
reading this - is it okay?
Regards
Morten Fangel
--
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to oa...@googlegroups.com.
T
Morten
On Mar 2, 2010, at 9:05 PM, Andy Smith wrote:
> Sounds good to me, I've been too scattered lately to keep track of stuff,
> thanks for taking this over :)
>
> On Tue, Mar 2, 2010 at 12:02 PM, Morten Fangel
> wrote:
> Hi All
>
> As some might now, Andy
Hi Rich
Yes, there should be a few different out in circulation..
The datastore for the sandbox I made for people to test their consumers against
is here:
http://github.com/fangel/oauth-sandbox/blob/master/library/DataStorage.php
(Note that is uses a silly database-library for lookups, but you s
eful if
> you could detail them.
>
> Thanks again for your help.
>
> Cheers
> Rich
>
> On Mon, Apr 12, 2010 at 1:10 PM, Morten Fangel
> wrote:
> Hi Rich
>
> Yes, there should be a few different out in circulation..
>
> The datastore for the sandbox I
Iirc there isn't a terrible lot of documentation on the Javascript
library hosted on oauth.net.. I might be wrong though..
You can try and see if you can figure out how to use it by
looking at existing uses of it, i.e. my explorer:
http://sevengoslings.net/~fangel/oauth-explorer/
A more simple ex
On May 5, 2010, at 12:21 PM, Olivier Berger wrote:
> Hi.
>
> On Apr 12, 10:00 pm, Morten Fangel wrote:
>> Hi,
>>
>> Quick reply: I can't remember.. It's been a while since I changed the
>> library for rev. A and it's equally been a while since
OAuth 2.0 has no signatures because all the cryptography has been
moved from the OAuth layer to the transport-layer by requiring the use
of TLS. This makes it way easier to implement and for laymen to play
around with - akin to what made Twitter's API so popular
(Or, I could be horribly mistaken -
On Oct 13, 2010, at 6:41 PM, spidaman wrote:
> We've been working with a ruby client (uses the latest gem from
> http://github.com/oauth/oauth-ruby) that hits an API implemented with
> the php library at http://oauth.googlecode.com/svn/code/php/OAuth.php
> integrated in.
>
> Normal GETs and POSTs
33 matches
Mail list logo
