oauth-provider

Rspec testing for oauth provider

不羁的心 提交于 2019-12-07 04:41:02
问题 I'm writing a API that's also an OAuth provider. Is there any recommended way to write your rspec tests? After you enable oauth to protect all of your endpoints, how do you write rspec tests that will pass the authentication step? 回答1: If you are using the oauth and oauth-plugin gems, this post might help you: http://peachshake.com/2010/11/11/oauth-capybara-rspec-headers-and-a-lot-of-pain/ Yet, the oauth-plugin gem generates some specs which include a helper to help you simulate the

How to provide OAuth services from website.?

旧街凉风 提交于 2019-12-07 04:23:20
问题 OAuth allows the you the User to grant access to his private resources on one site to another site. But how exactly does this happen. And if I want to provide OAuth features in my site, (both as Service Provider and consumer), how do I go about doing it. I'm using a Fedora 13 based server. And is it possible to configure Round Cube / Squirrel Mail to provide these Services. Like as of now all my users have mail account in the server, I want the credentials in the mail to be used to provide

Grails: Securing REST API with OAuth2.0

前提是你 提交于 2019-12-05 01:45:08
问题 I am building a REST API using Grails. I want it to be protected using OAuth2.0 client_credentials flow(grant_type). My use-case is as follows: a external agent will send a request to something like http://server-url/oauth/token?client_id=clientId&client_secret=clientSecret&grant_type=client_credentials and obtain a access_token. Then, my URL(protected resource) should be accesible with something like http://server-url/resource?access_token={access-token obtained before} I am looking for

Using asp.net 4.5 OAuth to register google with clientid and secret

旧时模样 提交于 2019-12-05 01:35:08
问题 I notice in the asp.net 4.5 template, all the authorization samples besides google pass in secret and clientid. How can I pass in my google secret and clientid? Brock has a good discussion here that I'm following: http://info.develop.com/blogs/bid/232864/ASP-NET-Using-OAuthWebSecurity-without-SimpleMembership#.UNuBh2_Adv9 The sample code is as follows that comes with the template. internal static class AuthConfig { public static void RegisterOpenAuth() { // See http://go.microsoft.com/fwlink/

Grails: Securing REST API with OAuth2.0

点点圈 提交于 2019-12-03 15:40:13
I am building a REST API using Grails. I want it to be protected using OAuth2.0 client_credentials flow(grant_type). My use-case is as follows: a external agent will send a request to something like http://server-url/oauth/token?client_id=clientId&client_secret=clientSecret&grant_type=client_credentials and obtain a access_token. Then, my URL(protected resource) should be accesible with something like http://server-url/resource?access_token={access-token obtained before} I am looking for something that makes doing this on Grails easy and quick. What will be the best way/tool/plugin to use for

Implementing a 2 Legged OAuth Provider

断了今生、忘了曾经 提交于 2019-12-03 04:30:40
问题 I'm trying to find my way around the OAuth spec, its requirements and any implementations I can find and, so far, it really seems like more trouble than its worth because I'm having trouble finding a single resource that pulls it all together. Or maybe it's just that I'm looking for something more specialized than most tutorials. I have a set of existing APIs--some in Java, some in PHP--that I now need to secure and, for a number of reasons, OAuth seems like the right way to go. Unfortunately

Rails two-legged OAuth provider?

余生长醉 提交于 2019-12-03 03:45:46
I have a rails 2.3.5 application with an API I wish to protect. There is no user - it is an app to app style webservice (more like an Amazon service than facebook), and so I would like to implement it using a two-legged OAuth approach. I have been trying to use the oauth-plugin server implementation as a start: http://github.com/pelle/oauth-plugin ...but it is built expecting three-legged (web redirect flow) oauth. Before I dig deeper into making changes to it to support two-legged, I wanted to see if there was an easier way, or if someone had a better approach for a rails app to implement

Secure OAuth in Javascript

流过昼夜 提交于 2019-12-03 03:11:58
问题 I have an api which uses OAuth 1.0a to authenticate applications using it. It's replacing an old api which used a number of custom built and hodge-podge calls which are being deprecated. It's well known that OAuth 1.0a is not secure in (client-side) Javascript since it relies on the consumer secret being kept secret. Which is not possible since the source is always viewable. We have browser extensions for Chrome, Firefox, IE and Safari which need to use this api in the future. These

Implementing a 2 Legged OAuth Provider

风格不统一 提交于 2019-12-02 17:42:24
I'm trying to find my way around the OAuth spec, its requirements and any implementations I can find and, so far, it really seems like more trouble than its worth because I'm having trouble finding a single resource that pulls it all together. Or maybe it's just that I'm looking for something more specialized than most tutorials. I have a set of existing APIs--some in Java, some in PHP--that I now need to secure and, for a number of reasons, OAuth seems like the right way to go. Unfortunately, my inability to track down the right resources to help me get a provider up and running is

CakePHP 2.0 and mobile application authentication

自古美人都是妖i 提交于 2019-12-01 11:29:56
I'm going nuts over here! I've got a website I am making in CakePHP that will form the back end of a mobile application. It is not a mobile website, it's designed purely to be used for a smartphone application. That being said: The application needs the user to login. But I just cannot seem to find the right way to implement this. The BasicAuthenticate AuthComponent seems to hate me and doesn't make debugging easy. There's an OAuth 2.0 Provider plugin for CakePHP 2.0 , but I can't figure out how to make it 2 legged, as the app won't be relying on the website to display a login form. I really