[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OAuth2 implementation in Elisp

From: Julien Danjou
Subject: Re: OAuth2 implementation in Elisp
Date: Mon, 26 Sep 2011 17:04:18 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.90 (gnu/linux)

On Mon, Sep 26 2011, Ted Zlatanov wrote:

> I hope I don't have to know how to implement OAuth2 in order to
> understand your answer to that question.

No. But you have to understand how it works and how to use it at least,
so your questions would make sense. Right now you are just proving you
know nothing about OAuth 2 and that you don't trust my judgement on
implementing things.
Which could put me in a bad mood.

Now, I'll explain why we can't make Emacs act like a Web apps to you.

When the client is a native client (like Emacs), the user is sent to an
URL where the OAuth provider prints the following:

"The application $REGISTERED-APPLICATION-NAME is trying to access your
 data in $THIS-WAY. Is this OK?

  [YES] [NO]"

If the user clicks yes, an authorization code is printed, the user give
it to Emacs, and Emacs can obtain an access token from the OAuth
provider to access the user data. Point.

If the client is a Web application, the user is sent to the same URL,
but when clicking [YES], no code are printed: instead the user is
redirected by to the Web application.

Therefore, I don't think there is any reasonable way to make Emacs parse
the authorization page and click YES itself instead of the user, or to
make Emacs a Web application that we can redirect the user to.

Julien Danjou

Attachment: pgpdfFCYGe5LP.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]