I'm still new to HN in general so this is probably a rather mundane/ignorant comment - apologies - but why is this at the top of HN at the moment?
There is no content in this post, no useful points, no specific examples of what is wrong (although there is an example of how to do it right - thanks for that). No call to action other than "Do it better!".
I'm not saying it isn't worth talking about, I'm just honestly curious how the HN algorithm works that this has made it to the top. Is freshness so highly weighted?
Weekends are typically a bit slower, so getting 18 points (upvotes) in 45 minutes is enough to put something near the top of the list. It will likely move down somewhat quickly.
But for weekend content, it had enough "content" to matter. Weekday content tends to be more technical. At least, that's my observation over the past few years.
Come on to you too... this is an utterly useless article. The providers won't read it but us consumers will. So make it more useful by explaining to the readers which OAuth APIs are broken and how, and then show us what the workarounds are. Thanks.
I have to say, Facebook on Android does it best. They publish an open source library on GitHub. You use that, and it will even check if the user is already logged in on that phone and reuse that.
I have no problem with Twitter, personally. I even provided the sample source code for using a common open source third party Twitter library to login on Android by OAuth for a book out there. But people say it just isn't as easy.
In this case the third party library does require other dependencies, some of which can break it, and other complexities. It also requires using either the Browser, or an internal web control to login and then return the token to the app. So it isn't as low friction as Facebook for users, and I hear complaints from developers as well.
The article doesn't really provide anything specific - OAuth is actually hard to implement and the reason for variations is typically down to both dev cycles and differing opinions on security elements.
We see a lot of openAuth implementations (we provide infrastructure for it: http://www.3scale.net) and we try to help people be uniform, but the spec still has room for interpretation.
I think there'll be convergence - things like http://www.ifttt.com/ will encourage people to the straight and narrow - but it'll take time. Agree with some of the other commenters - not sure how much this article really helps: a detailed laundry list might be better.