You are here

Home » API reference » OAuth 1.0 6

README.txt in OAuth 1.0 6

Same filename and directory in other branches
  1. 8.2 README.txt
  2. 8 README.txt
A best practices implementation of OAuth for Drupal.  

What is OAuth?

"An open protocol to allow secure API authentication in a simple and
standard method from desktop and web applications."

If you've ever used Flickr to connect with other systems, or added a
Facebook app that asks you what permissions you want to give, both are
examples of securely identifying yourself between systems without you
physically having to enter a password every time.

A very simplistic explanation is that OpenID is like your car key: you
have to be at the web page / service to log in.

OAuth is like a valet key, that you can hand to a website to operate
on your behalf, even when you're not there.

  * Community Site: http://oauth.net/
  * Wikipedia entry: http://en.wikipedia.org/wiki/OAuth
  * Specification: http://oauth.net/core/1.0/
  * Discussion Group: http://groups.google.com/group/oauth
  * PHP Library by Andy Smith (termie): http://code.google.com/p/oauth/

TO DO

1. allow OAuth between two Drupal sites
  a) have the token be passed etc.
  b) some small "thing" that can be done remotely and is non-trivial
  and has few if any dependiences (i.e. core D6 + Oauth on both sides)
  -- probably something with profile.module or username

2. Enable OAuth with some 3rd party system
  a) choose a particular service -- my recommendation is Magnolia --
  http://wiki.ma.gnolia.com/OAuth
  b) implement some small thing -- maybe the beginnings of a magnolia module

File

README.txt
View source 
  1. 

  2. A best practices implementation of OAuth for Drupal.  

  3. 

  4. What is OAuth?

  5. 

  6. "An open protocol to allow secure API authentication in a simple and

  7. standard method from desktop and web applications."

  8. 

  9. If you've ever used Flickr to connect with other systems, or added a

  10. Facebook app that asks you what permissions you want to give, both are

  11. examples of securely identifying yourself between systems without you

  12. physically having to enter a password every time.

  13. 

  14. A very simplistic explanation is that OpenID is like your car key: you

  15. have to be at the web page / service to log in.

  16. 

  17. OAuth is like a valet key, that you can hand to a website to operate

  18. on your behalf, even when you're not there.

  19. 

  20.   * Community Site: http://oauth.net/

  21.   * Wikipedia entry: http://en.wikipedia.org/wiki/OAuth

  22.   * Specification: http://oauth.net/core/1.0/

  23.   * Discussion Group: http://groups.google.com/group/oauth

  24.   * PHP Library by Andy Smith (termie): http://code.google.com/p/oauth/

  25. 

  26. TO DO

  27. 

  28. 1. allow OAuth between two Drupal sites

  29.   a) have the token be passed etc.

  30.   b) some small "thing" that can be done remotely and is non-trivial

  31.   and has few if any dependiences (i.e. core D6 + Oauth on both sides)

  32.   -- probably something with profile.module or username

  33. 

  34. 2. Enable OAuth with some 3rd party system

  35.   a) choose a particular service -- my recommendation is Magnolia --

  36.   http://wiki.ma.gnolia.com/OAuth

  37.   b) implement some small thing -- maybe the beginnings of a magnolia module