
OAuth 2.0 finalized - michaelfairley
http://dickhardt.org/2012/10/oauth-2-0/
======
anuaitt
If anyone wants to use Google Oauth2 with flask and User session management we
have Open sourced the project: <https://github.com/GrexIt/flask-login-oauth2>

------
sabret00the
Finally. Now if only more Android app developers would rely on an open OAuth
model rather than forcing users to use the stock browser.

------
j-kidd
I always feel that Hammer was the one holding things back. This article kind
of confirms that.

~~~
wsc981
I don't know if he was holding things back. I believe he wanted OAuth 2.0 to
be as simple as possible, which wouldn't make the spec very flexible, but it
would be easy to implement correctly.

I believe the committee had a lot of different ideas about how certain
problems should be approached and instead of choosing 1 solution they either
decided to keep some things open for the implementer or allowed several
solutions to a problem as part of the spec.

------
digeridoo
I wish that for OAuth 3 they would make it such that client and server can
separately sign the request and you don't have to share keys between the two.
That would be a great security enhancement.

------
mcav
And yet, here we are, with OAuth still a complex behemoth and everyone doing
login with Facebook, Twitter, or a poorly-implemented homegrown login system.

~~~
nailer
OAuth 1 was a behemoth. OAuth 2 is simple.

1\. Get a login URL. Send people here to log in.

2\. Receive an auth token if the user clicked allow on the login page

3\. Swap the auth token for access and renewal tokens.

Optional 4: Maybe renew if you expire.

~~~
Torn
So is the following critique out of date?
[http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-
hell...](http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/)

~~~
_ikke_
There are several flows possible with OAuth2. This is only one of them. So his
critique is based on the total of OAuth2, not this small part that is fairly
simple.

------
bagosm
Now that's a blog name that I sense will come strong given enough time and
care.

