[
https://issues.apache.org/jira/browse/SHINDIG-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12586885#action_12586885
]
Kevin Brown commented on SHINDIG-185:
-------------------------------------
There's a big problem here in that gadgets.io is a *core feature*. It's not
versioned, nor can it be.
There's absolutely no way to upgrade it in any non-trivial way until there's
radical change in the spec.
This is why implicit dependencies are an awful idea, and why components need to
be modular.
> Incorrectly named AuthorizationType
> -----------------------------------
>
> Key: SHINDIG-185
> URL: https://issues.apache.org/jira/browse/SHINDIG-185
> Project: Shindig
> Issue Type: Improvement
> Components: Gadgets Server - Java
> Reporter: Dirk Balfanz
> Assignee: Cassie Doll
> Attachments: patch-authenticated-2-oauth.txt
>
>
> I propose to change gadgets.io.AuthorizationType.AUTHENTICATED to
> gadgets.io.AuthorizationType.OAUTH.
> Here are a few reasons:
> - It's hard to remember the difference between "SIGNED" and "AUTHENTICATED".
> If "AUTHENTICATED" somehow authenticates my fetches, then what does "SIGNED"
> do? Signing is a common way to authenticate messages. Very confusing.
> - Assuming that the gadgets.io.AuthorizationType enumeration lists (despite
> its name) different ways to authenticate, then having "AUTHENTICATED" as an
> authentication type doesn't make any sense.
> - If in version 2.0 of opensocial we want to support a cool newfangled
> authentication scheme NEWAUTH, then it would be kind of lame to to be stuck
> with an enum of (NONE, SIGNED, AUTHENTICATED, NEWAUTH).
> The attached patch renames the AuthorizationType to OAUTH.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
