[jdev] OAuth and XMPP
Peter Saint-Andre
stpeter at stpeter.im
Mon Jul 28 16:29:47 CDT 2008
Gaston Dombiak wrote:
> Hey Peter,
>
> I’m fine with not having those flows explained in the next version of
> the XEP. However, are we going to explain that tokens need to be
> validated and that more flows with other Oauth servers will be needed?
> My knowledge of OAuth went from 0% to 1% in the last weeks so I guess
> that adding some basic explanation of how things work is going to be
> useful for implementors that are no OAuth expert.
Yes there will be more examples and flows added to XEP-0235. :)
AFAICS, the basic idea is that your (say) pubsub service would act as an
OAuth "Service Provider" -- you could ask it for OAuth Request Tokens,
ask it to verify OAuth Access Tokens, etc.
Or so it seems to me...
/psa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://www.jabber.org/jdev/attachments/20080728/e4fcd78d/attachment-0002.bin>
More information about the JDev
mailing list