Re: Add OAuth support for Shiro

[jleleu <le...@gmail.com>]

Hi,

I added OAuth client support in Shiro for Windows Live and WordPress
accounts. I also updated the demo
(https://github.com/leleuj/scribe-up-shiro-demo).
Best regards,
Jérôme


--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7573846.html
Sent from the Shiro Developer mailing list archive at Nabble.com.

Re: Add OAuth support for Shiro

[jleleu <le...@gmail.com>]

Hi,

I'm glad that we finally add my module as an official extension to support
OAuth in Shiro : https://github.com/bujiio/buji-oauth.
I just updated the documentation.

Any feedback will be greatly appreciated...

Can we imagine doing the same for the CAS support ?

Thanks.
Best regards,
Jérôme


--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7577544.html
Sent from the Shiro Developer mailing list archive at Nabble.com.

Re: Add OAuth support for Shiro

[jleleu <le...@gmail.com>]

Hi Les,


Thanks for your feedback.

I do understand your concern about minimizing dependencies but for OAuth
client part, I think that it's a good solution.
So I'd like to propose to you a solution : why not split the OAuth module in
two parts ? shiro-oauth-client and shiro-oauth-server modules. As these
modules address very different goals, I wouldn't be surprised to have two
modules. Moreover, I'm not sure that it would be really possible to use the
same library for both usages.


About Scribe and ScribeUP :

I think that Scribe is a great library supporting OAuth 1.0 and 2.0
protocols with many providers. It's higly maintained and always improving.
If you know a better OAuth library, I'll be happy to take a look at it, but
I still believe Scribe is the best one.

But Scribe is "just" about OAuth protocol : authenticating a user is not
sufficient, you certainly want to know who he is : that's where ScribeUP
comes into play : it's built on top of Scribe to get user profile after
OAuth authentication (in a web oriented way). It's a huge work to get
profiles from providers and I spent a lot of time doing this : I didn't find
any library doing something similar. 8 providers (the most "famous" I hope)
are already available through ScribeUP.

When I started to develop OAuth client support for CAS project, the idea
popped out that the user profiles part could exist on its own and can be
reused for other libraries like Shiro. That is how ScribeUP was borned.
Right now, cas-server-support-oauth module 3.5.0 is built on ScribeUP 1.0.0
and the next version will be built on ScribeUP v1.1.0 :
https://wiki.jasig.org/display/CASUM/OAuth.
ScribeUP version 1.0.0 could really be improved and that's what I did in
version 1.1.0, the library is totally abstracted from Scribe and easier to
manipulate and initialize.


I'm not sure to understand the use case you have mind for REST API. Is it
about OAuth *client* support ?
IMHO, it's clear that the most wanted use case for OAuth client support is
the ability to create web applications for Facebook, Twitter... and for
that, my shiro-oauth(-client) module is totally appropriate.
That's exactly what the demo https://github.com/leleuj/scribe-up-shiro-demo
intends to demonstrate.


Thanks.
Best regards,
Jérôme


--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7577512.html
Sent from the Shiro Developer mailing list archive at Nabble.com.

Re: Add OAuth support for Shiro

[Les Hazlewood <lh...@apache.org>]

Hi Jerome,

It looks pretty good, although I'm not sure we can force a Scribe-Up
dependency on everyone who wants to use OAuth.  IMO, the base OAuth
support module should support a single OAuth 3rd party library and
minimize the number of dependencies.

Perhaps additional oauth extensions (e.g. scribe-up) can be added in
addition to the core OAuth module.

On a side note, one personal frustration I have with Scribe is that it
does not support re-computing the OAuth signature on HTTP Redirects.
This is bad for REST APIs for example, which can often use HTTP
redirects for resource relocation.  There should be a better solution
IMO.

--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk

On Sun, Jul 8, 2012 at 5:31 AM, jleleu <le...@gmail.com> wrote:
> Hi,
>
> Did you get some time to look at my OAuth client module for Shiro ?
>
> I am very excited about your feedback and adding OAuth support in Shiro.
>
> Just let me know if I can ease your code review by any means.
>
> Best regards,
> Jérôme
>
>
> --
> View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7577500.html
> Sent from the Shiro Developer mailing list archive at Nabble.com.

Re: Add OAuth support for Shiro

[jleleu <le...@gmail.com>]

Hi,

Did you get some time to look at my OAuth client module for Shiro ?

I am very excited about your feedback and adding OAuth support in Shiro.

Just let me know if I can ease your code review by any means.

Best regards,
Jérôme


--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7577500.html
Sent from the Shiro Developer mailing list archive at Nabble.com.

Re: Add OAuth support for Shiro

[Les Hazlewood <lh...@apache.org>]

Cool stuff!  Thanks for sharing Jérôme!

Cheers,

--
Les Hazlewood
CTO, Stormpath | http://stormpath.com | 888.391.5282
twitter: @lhazlewood | http://twitter.com/lhazlewood
blog: http://leshazlewood.com
stormpath blog: http://www.stormpath.com/blog


On Wed, May 23, 2012 at 10:15 AM, jleleu <le...@gmail.com> wrote:
> Hi,
>
> I added OAuth client support in Shiro for Windows Live and WordPress
> accounts. I also updated the demo
> (https://github.com/leleuj/scribe-up-shiro-demo).
> Best regards,
> Jérôme
>
>
> --
> View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7573846.html
> Sent from the Shiro Developer mailing list archive at Nabble.com.