OAuth support

[Jared Bunting <ja...@digitalreasoning.com>]

Was wondering what the status/opinion of OAuth support (SHIRO-119) is?  I¹ve
been working on adding support to my application to allow shiro to act as an
OAuth provider ­ would a contribution be considered for inclusion?  Are
there existing opinions on how it should be done?  Restrictions, concerns?

Thanks,
Jared

Re: OAuth support

[Kalle Korhonen <ka...@gmail.com>]

On Mon, Jan 10, 2011 at 8:12 AM, Jared Bunting
<ja...@digitalreasoning.com> wrote:
> Was wondering what the status/opinion of OAuth support (SHIRO-119) is?  I¹ve

Nothing yet on that at least from my part. However, separately I've
been working on federatedaccounts/oauth based authentication add-on
module for Tynamo's tapestry-security (http://tynamo.org). It's easier
for me to work like that since I can expect a certain page flow, url
processing facilities and even (Hibernate/JPA) persistence layer. Some
of that work may find its way to Shiro (some other features were also
cultivated that way before they emerged in Shiro).

> been working on adding support to my application to allow shiro to act as an
> OAuth provider ­ would a contribution be considered for inclusion?  Are
> there existing opinions on how it should be done?  Restrictions, concerns?

It would absolutely be considered for inclusion! There's complexity
mostly around making it generic and transport agnostic. It'd be great
if we can put something together relatively quickly, we can refine the
api as we go along. I'd love to have an end-to-end OAuth-integration
testing to showcase the functionality.

Kalle