Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!news.glorb.com!npeer02.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail From: Demian Brecht Newsgroups: comp.lang.python Subject: Re: OAuth 2.0 implementation Date: Tue, 27 Mar 2012 10:54:40 -0700 (PDT) Organization: http://groups.google.com Lines: 37 Message-ID: <23005482.975.1332870880211.JavaMail.geo-discussion-forums@pbcr5> References: <1973354.3.1332816158529.JavaMail.geo-discussion-forums@pbae2> <87haxahh51.fsf@benfinney.id.au> <878vimhfdp.fsf@benfinney.id.au> <87zkb2fz7g.fsf@benfinney.id.au> <7909491.0.1332826232743.JavaMail.geo-discussion-forums@pbim5> NNTP-Posting-Host: 159.153.138.55 Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Trace: posting.google.com 1332871264 31631 127.0.0.1 (27 Mar 2012 18:01:04 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: Tue, 27 Mar 2012 18:01:04 +0000 (UTC) In-Reply-To: Complaints-To: groups-abuse@google.com Injection-Info: glegroupsg2000goo.googlegroups.com; posting-host=159.153.138.55; posting-account=US_9zQoAAABOtpKbrs9cDfYpbT6eMPnL User-Agent: G2/1.0 X-Received-Bytes: 3102 Xref: csiph.com comp.lang.python:22252 On Tuesday, 27 March 2012 07:18:26 UTC-7, Roy Smith wrote: > In article=20 > <7909491.0.1332826232743.JavaMail.geo-discussion-forums@pbim5>, > Demian Brecht wrote: >=20 > > OAuth 2.0 is still in draft status (draft 25 is the current one I belie= ve)=20 > > and yes, unfortunately every single server available at this point have= =20 > > varying degrees of separation from the actual spec. It's not a=20 > > pseudo-standard, it's just not observed to the letter. Google is the cl= osest=20 > > and Facebook seems to be the farthest away (Stack Exchange is in close = second=20 > > due to building theirs to work like Facebook's). >=20 > In practice, OAuth is all about getting your site to work with Facebook. = =20 > That is all most web sites care about today because that's where the=20 > money is. The fact that other sites also use OAuth is of mostly=20 > academic interest at this point. >=20 > The next player on the list is Twitter, and they're not even up to using= =20 > their own incompatible version of OAuth 2.0. They're still using OAuth= =20 > 1.0 (although, I understand, they're marching towards 2.0). Sure, with the initial surge of the Facebook platform, I'm sure there are m= any more applications that only work with Facebook. However, after the init= ial gold rush, I'm sure there will be more developers who see the potential= power of service aggregation (and not just for feeds ;)). I know I'm one o= f them. Of course, a lot of these thoughts are around niche markets, but isn't that= where the money is? Untapped, niche markets? That's a completely different= discussion though and would obviously be quite the thread derailment.