[jdev] OAuth and XMPP
stpeter at stpeter.im
Mon Jul 28 16:29:47 CDT 2008
Gaston Dombiak wrote:
> Hey Peter,
> I’m fine with not having those flows explained in the next version of
> the XEP. However, are we going to explain that tokens need to be
> validated and that more flows with other Oauth servers will be needed?
> My knowledge of OAuth went from 0% to 1% in the last weeks so I guess
> that adding some basic explanation of how things work is going to be
> useful for implementors that are no OAuth expert.
Yes there will be more examples and flows added to XEP-0235. :)
AFAICS, the basic idea is that your (say) pubsub service would act as an
OAuth "Service Provider" -- you could ask it for OAuth Request Tokens,
ask it to verify OAuth Access Tokens, etc.
Or so it seems to me...
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
More information about the JDev