[web2py] Re: Web2Py + OAuth2 Server

2014-09-24 Thread Richard Prosser
Massimo, If an OAuth2 server is viable, would it also support the "Two-Legged" authentication case? That is, I need to use OAuth2 to support a mobile app user logging in to a server and maintaining a long-term session, where both are produced by the same company (my employer). Please note tha

Re: [web2py] Re: Web2Py + OAuth2 Server

2012-10-14 Thread Michele Comitini
it was about time. Thanks for the info. 2012/10/14 Luther Goh Lu Feng > Seems that Oauth 2.0 is finalised as an official standard in IETF RFCS > 6749 and 6750: http://dickhardt.org/2012/10/oauth-2-0/ > > > On Monday, August 20, 2012 9:33:10 PM UTC+8, João Alves wrote: >> >> Hello, >> >> I didn'

[web2py] Re: Web2Py + OAuth2 Server

2012-10-13 Thread Luther Goh Lu Feng
Seems that Oauth 2.0 is finalised as an official standard in IETF RFCS 6749 and 6750: http://dickhardt.org/2012/10/oauth-2-0/ On Monday, August 20, 2012 9:33:10 PM UTC+8, João Alves wrote: > > Hello, > > I didn't develop an OAuth 2.0 server to the web2py's core but I wrote a > module instead. Yo

[web2py] Re: Web2Py + OAuth2 Server

2012-08-20 Thread João Alves
Hello, I didn't develop an OAuth 2.0 server to the web2py's core but I wrote a module instead. You can take a look here . Unfortunately, I don't have much time and I just implemented a version to work with pymongo + mongoDB, but it's quite easy to ex

[web2py] Re: Web2Py + OAuth2 Server

2012-07-30 Thread Massimo Di Pierro
We would be interested. Look at the way cas is integrated in auth (gluon/tools.py) and look at the oauth 2.0 client (gluon/contrib/login_methods/oauth20_account.py). It would be nice if: 1) an oauth 2.0 server were to be exposed in the same way as the cas server is exposed. 2) oauth20_account.

[web2py] Re: Web2Py + OAuth2 Server

2012-07-30 Thread João Alves
Hi. I'm developing an API through *web2py* framework and I would like to use the OAuth2 protocol to authenticate the user/app. I've seen some links ( http://hiidef.github.com/oauth2app/ and http://blog.savored.com/2011/10/14/oauth-server-authentication-in-pythondjango/) and I'm planning to deve

Re: [web2py] Re: Web2Py + OAuth2 Server

2012-06-15 Thread Alec Taylor
Looking forward to seeing this project come to light. I'm sure it'll bring a lot of people to web2py :) This is the latest version of the oauth2 lib I could find: https://github.com/operasoftware/python-oauth2 - But it seems to be oauth1 even though it says oauth2. Can someone confirm? On Wed, Ma

Re: [web2py] Re: Web2Py + OAuth2 Server

2012-05-29 Thread Horus
I am doing a bit on research on it and looking to wrap my head around it to build a server and client in Web2Py however, there isn't a lot of documentation and some implementations differ from other (I guess that is getting back to what Massimo said). Essentially, I will build a core system and

Re: [web2py] Re: Web2Py + OAuth2 Server

2012-05-29 Thread Michele Comitini
Yes it is definitely possible. OAuth2.0 was born because OAuth1.0 had all sort of hashing to do on both client and server side. That was to allow for better security, on a clear channel, but failed since OAuth1.0a is deprecated on non TSL channels. They really simplified things in OAuth2.0 so it i

[web2py] Re: Web2Py + OAuth2 Server

2012-05-28 Thread Massimo Di Pierro
Theoretically yes. In fact I may even have somewhere a Oauth 1.0 server. The problem is that the Oauth 2.0 specs are very poor. They specify how a the client asks the server if a user is authenticated but do not say anything about what information the server should provide to the client (user