Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #22242

Re: OAuth 2.0 implementation

Path csiph.com!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder.erje.net!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path <roland@catalogix.se>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.160
X-Spam-Level *
X-Spam-Evidence '*H*': 0.68; '*S*': 0.00; 'bishop': 0.09; 'openid': 0.09; 'cc:addr:python-list': 0.15; 'behalf,': 0.16; 'better?': 0.16; 'complicate': 0.16; 'finney': 0.16; 'keys,': 0.16; 'openid,': 0.16; 'stuart': 0.16; 'url:github': 0.16; 'wrote:': 0.21; 'alpha': 0.22; 'password.': 0.22; 'providers': 0.22; 'header :In-Reply-To:1': 0.22; '>>>': 0.24; 'work.': 0.25; 'cc:no real name:2**0': 0.26; 'cc:2**1': 0.26; 'cc:addr:python.org': 0.27; 'allows': 0.29; '27,': 0.29; 'subject:skip:i 10': 0.29; 'together.': 0.29; 'maybe': 0.31; 'url:mailman': 0.31; 'gets': 0.32; 'operations': 0.32; 'perform': 0.32; 'url:python': 0.34; 'there': 0.35; 'ben': 0.35; 'writes:': 0.35; 'url:listinfo': 0.36; 'really': 0.36; "i'm": 0.36; 'why': 0.36; '(for': 0.36; 'bringing': 0.36; 'but': 0.36; 'url:org': 0.36; 'charset:us- ascii': 0.36; 'thank': 0.37; 'some': 0.37; 'common': 0.38; 'client': 0.38; 'received:org': 0.38; 'someone': 0.38; 'proto:https': 0.39; 'address.': 0.39; 'uses': 0.39; 'being': 0.39; 'doing': 0.39; "can't": 0.39; 'allow': 0.39; 'act': 0.60; 'your': 0.60; 'close': 0.61; 'mar': 0.61; 'claim': 0.61; 'interactive': 0.61; 'such': 0.61; 'site': 0.62; 'provide': 0.62; 'real': 0.63; 'header:Message-Id:1': 0.65; 'account': 0.65; 'phone': 0.65; 'site.': 0.65; 'details': 0.69; '2012': 0.69; 'here:': 0.70; 'received:130': 0.73; 'behalf.': 0.84; '10:11': 0.91; 'picture': 0.97
X-Virus-Scanned amavisd-new at catalogix.se
Subject Re: OAuth 2.0 implementation
Mime-Version 1.0 (Apple Message framework v1257)
Content-Type text/plain; charset=us-ascii
From Roland Hedberg <roland@catalogix.se>
In-Reply-To <CADmi=6P56GZwDqJn-LbQneLTJwAboFPHQSAZXXs6j8fB8pMWwA@mail.gmail.com>
Date Tue, 27 Mar 2012 15:36:22 +0200
Content-Transfer-Encoding quoted-printable
References <1973354.3.1332816158529.JavaMail.geo-discussion-forums@pbae2> <87haxahh51.fsf@benfinney.id.au> <CADmi=6P56GZwDqJn-LbQneLTJwAboFPHQSAZXXs6j8fB8pMWwA@mail.gmail.com>
To Stuart Bishop <stuart@stuartbishop.net>
X-Mailer Apple Mail (2.1257)
Cc python-list@python.org, Ben Finney <ben+python@benfinney.id.au>
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.12
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.1038.1332855391.3037.python-list@python.org> (permalink)
Lines 59
NNTP-Posting-Host 2001:888:2000:d::a6
X-Trace 1332855391 news.xs4all.nl 6876 [2001:888:2000:d::a6]:55362
X-Complaints-To abuse@xs4all.nl
Xref csiph.com comp.lang.python:22242

Show key headers only | View raw

And then to complicate the picture you have OpenID Connect which is an attempt at
bringing OpenID and OAuth2.0 together.

By the way I have an implementation of OpenID Connect here:

https://github.com/rohe/pyoidc

-- Roland

27 mar 2012 kl. 11:59 skrev Stuart Bishop:

> On Tue, Mar 27, 2012 at 10:11 AM, Ben Finney <ben+python@benfinney.id.au> wrote:
>> Demian Brecht <demianbrecht@gmail.com> writes:
>> 
>>> I'm getting close to an alpha release of an OAuth 2.0 implementation
>>> (https://github.com/demianbrecht/py-sanction).
>> 
>> Thank you for doing this work.
>> 
>> As someone who uses OpenID, what can I read about why OAuth is better?
> 
> They are different, and often you need to use both.
> 
> OpenID allows web sites to authenticate someone. It is not really
> useful for anything not an interactive web site. The consuming site
> never gets your keys, it just gets confirmation from the provider that
> the user is who they claim they are and maybe some details that the
> provider chooses to provide such as an email address.
> 
> OAuth is for generating authentication keys that allow a program to
> authenticate as someone and perform operations on their behalf. You
> use OAuth to generate a key so that Foursquare can send messages via
> Twitter on your behalf, or so the Facebook client on your phone can
> access your account without storing your password. You also get
> authentication here, as you can't generate a key without being
> authenticated, but the real reason it is used instead of OpenID is so
> you can keep the key and keep using it to act as the user; you can
> keep using that key until it expires or it is revoked.
> 
> Authentication providers that don't provide a webapi just implement
> OpenID. Big sites like Google and Facebook implement both OpenID (for
> 'log in with your GMail account') and OAuth ('post this message to
> your Facebook wall').
> 
> -- 
> Stuart Bishop <stuart@stuartbishop.net>
> http://www.stuartbishop.net/
> -- 
> http://mail.python.org/mailman/listinfo/python-list

Roland

-----------------------------------------------------------
With anchovies there is no common ground 
-- Nero Wolfe

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-03-26 19:42 -0700
  Re: OAuth 2.0 implementation Ben Finney <ben+python@benfinney.id.au> - 2012-03-27 14:11 +1100
    Re: OAuth 2.0 implementation Roy Smith <roy@panix.com> - 2012-03-26 23:30 -0400
      Re: OAuth 2.0 implementation Ben Finney <ben+python@benfinney.id.au> - 2012-03-27 14:49 +1100
        Re: OAuth 2.0 implementation Roy Smith <roy@panix.com> - 2012-03-26 23:57 -0400
          Re: OAuth 2.0 implementation Ben Finney <ben+python@benfinney.id.au> - 2012-03-27 15:24 +1100
            Re: OAuth 2.0 implementation Jack Diederich <jackdied@gmail.com> - 2012-03-27 01:24 -0400
            Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-03-26 22:30 -0700
              Re: OAuth 2.0 implementation Roy Smith <roy@panix.com> - 2012-03-27 10:18 -0400
                Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-03-27 10:54 -0700
                Re: OAuth 2.0 implementation Mark Hammond <skippy.hammond@gmail.com> - 2012-03-28 14:42 +1100
    Re: OAuth 2.0 implementation Stuart Bishop <stuart@stuartbishop.net> - 2012-03-27 16:59 +0700
    Socket Error : Address still in use  (Conveting from python 1.5.2 to 2.7.1) Wong Wah Meng-R32813 <r32813@freescale.com> - 2012-03-27 09:41 +0000
    Re: OAuth 2.0 implementation Roland Hedberg <roland@catalogix.se> - 2012-03-27 15:36 +0200
  Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-07-05 07:06 -0700
    Re: OAuth 2.0 implementation Alec Taylor <alec.taylor6@gmail.com> - 2012-07-06 01:19 +1000
      Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-07-05 10:48 -0700
      Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-07-05 10:48 -0700
        Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-07-06 08:38 -0700
        Re: OAuth 2.0 implementation Demian Brecht <demianbrecht@gmail.com> - 2012-07-06 08:38 -0700
          Re: OAuth 2.0 implementation Alec Taylor <alec.taylor6@gmail.com> - 2012-07-07 04:41 +1000
          RE: OAuth 2.0 implementation "Demian Brecht" <demianbrecht@gmail.com> - 2012-07-06 11:49 -0700
          Re: OAuth 2.0 implementation Alec Taylor <alec.taylor6@gmail.com> - 2012-07-07 04:58 +1000

csiph-web