[
https://issues.apache.org/jira/browse/SHINDIG-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12586609#action_12586609
]
Kevin Brown commented on SHINDIG-185:
-------------------------------------
This is really an issue you need to bring up in the spec discussion. Until the
spec changes (or a consensus for a change has been reached), Shindig can't be
changed. We're a reference implementation of the spec.
http://groups.google.com/group/opensocial-and-gadget-specs
Not closing this because the patch makes perfect sense if the proposed spec
change is implemented. But it's important that NOBODY APPLY THIS PATCH UNLESS /
UNTIL THE SPEC IS CHANGED!
> Incorrectly named AuthorizationType
> -----------------------------------
>
> Key: SHINDIG-185
> URL: https://issues.apache.org/jira/browse/SHINDIG-185
> Project: Shindig
> Issue Type: Improvement
> Components: Gadgets Server - Java
> Reporter: Dirk Balfanz
> Attachments: patch-authenticated-2-oauth.txt
>
>
> I propose to change gadgets.io.AuthorizationType.AUTHENTICATED to
> gadgets.io.AuthorizationType.OAUTH.
> Here are a few reasons:
> - It's hard to remember the difference between "SIGNED" and "AUTHENTICATED".
> If "AUTHENTICATED" somehow authenticates my fetches, then what does "SIGNED"
> do? Signing is a common way to authenticate messages. Very confusing.
> - Assuming that the gadgets.io.AuthorizationType enumeration lists (despite
> its name) different ways to authenticate, then having "AUTHENTICATED" as an
> authentication type doesn't make any sense.
> - If in version 2.0 of opensocial we want to support a cool newfangled
> authentication scheme NEWAUTH, then it would be kind of lame to to be stuck
> with an enum of (NONE, SIGNED, AUTHENTICATED, NEWAUTH).
> The attached patch renames the AuthorizationType to OAUTH.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
