Blog & news

Posts tagged with 'authorization'

  • What’s new in edge tog: OAuth support

    Posted over 3 years
    Tags: oauth, tog, authorization,

    In the spirit of the famous posts of Ryan Daigle we’re going to blog periodically about the current state of tog. Beginning with this very post we’ll start to sneak preview the features implemented on the tog edge code and the first one we want to talk about is the OAuth support we’re integrating in tog. For those that are not familiar with the concept of OAuth, it’s defined on its own site as:

    An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

    Basically what this means is that by supporting OAuth you’re giving other developers and yourself the chance to avoid the common social networking password anti-pattern. The use of this anti-pattern is very common as an (bad) effort to aggregate the social graph and data published in other sites. The OAuth protocol gives us a secure and open alternative to these authorization processes regardless of your role as consumer or provider of the data.

    In an OAuth authorization process the involved applications interchange a few “request/access” tokens and relay on the user to manage the privileges a site takes over the data stored by other. Using this workflow the user’s data is protected since its password is never ever given to any 3rd party and he/she retains the power to revoke the given privileges at anytime.

    There is an increasing number of providers that support OAuth and we’re trying to be as good web citizens as possible leveraging these standards in the tog platform. Our efforts are headed right now to provide every tog based social network the basic tools to be a consumer/provider of an OAuth authorization process out-the-box. We’ve been using Pownce as proof-of-concept of this authorization process as you can see in the following video:







    tog oauth implementation rc1 from Linking Paths on Vimeo. You can view it on HD here.

    The code is still sharp and far to be production-ready but we’re pretty excited with this feature since we see it like our first contribution to the open web, making tog a more robust and extensible platform.

    Comments (2) | Add a Comment


Suscribe to tog blog & news
Subscribe now!!

Tags

Archives