[
https://issues.apache.org/jira/browse/SHINDIG-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12586979#action_12586979
]
Kevin Brown commented on SHINDIG-185:
-------------------------------------
You're preaching to the choir. The fundamental problem here is with the spec --
and this isn't really the right forum for discussing that.
If we change it in Shindig, how will developers even know about the change? All
we can do is go with what the spec says.
If the decision to change the spec (without a new version) is made, I'm all for
it.
> Incorrectly named AuthorizationType
> -----------------------------------
>
> Key: SHINDIG-185
> URL: https://issues.apache.org/jira/browse/SHINDIG-185
> Project: Shindig
> Issue Type: Improvement
> Components: Gadgets Server - Java
> Reporter: Dirk Balfanz
> Assignee: Cassie Doll
> Attachments: patch-authenticated-2-oauth.txt
>
>
> I propose to change gadgets.io.AuthorizationType.AUTHENTICATED to
> gadgets.io.AuthorizationType.OAUTH.
> Here are a few reasons:
> - It's hard to remember the difference between "SIGNED" and "AUTHENTICATED".
> If "AUTHENTICATED" somehow authenticates my fetches, then what does "SIGNED"
> do? Signing is a common way to authenticate messages. Very confusing.
> - Assuming that the gadgets.io.AuthorizationType enumeration lists (despite
> its name) different ways to authenticate, then having "AUTHENTICATED" as an
> authentication type doesn't make any sense.
> - If in version 2.0 of opensocial we want to support a cool newfangled
> authentication scheme NEWAUTH, then it would be kind of lame to to be stuck
> with an enum of (NONE, SIGNED, AUTHENTICATED, NEWAUTH).
> The attached patch renames the AuthorizationType to OAUTH.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
