From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: OAuth2 implementation in Elisp
Date: Mon, 26 Sep 2011 09:36:44 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87y5xb4bgj.fsf@lifelogs.com>
References: <87sjnojl7j.fsf@keller.adm.naquadah.org>
	<4E7BAFA4.8090800@dogan.se> <4E7BAFE2.2090102@dogan.se>
	<87k490jkaw.fsf@keller.adm.naquadah.org> <87d3eo984j.fsf@lifelogs.com>
	<87mxdsbx1n.fsf@keller.adm.naquadah.org> <87litc695c.fsf@lifelogs.com>
	<87vcsfmxzd.fsf@keller.adm.naquadah.org>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1317047840 17685 80.91.229.12 (26 Sep 2011 14:37:20 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Mon, 26 Sep 2011 14:37:20 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 26 16:37:16 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1R8CJ1-0007p9-NX
	for ged-emacs-devel@m.gmane.org; Mon, 26 Sep 2011 16:37:15 +0200
Original-Received: from localhost ([::1]:35982 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1R8CJ1-00052o-6s
	for ged-emacs-devel@m.gmane.org; Mon, 26 Sep 2011 10:37:15 -0400
Original-Received: from eggs.gnu.org ([140.186.70.92]:54057)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1R8CIy-00052e-BG
	for emacs-devel@gnu.org; Mon, 26 Sep 2011 10:37:13 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1R8CIw-0003RB-Rv
	for emacs-devel@gnu.org; Mon, 26 Sep 2011 10:37:12 -0400
Original-Received: from lo.gmane.org ([80.91.229.12]:38869)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1R8CIw-0003R0-Ho
	for emacs-devel@gnu.org; Mon, 26 Sep 2011 10:37:10 -0400
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1R8CIv-0007l4-6p
	for emacs-devel@gnu.org; Mon, 26 Sep 2011 16:37:09 +0200
Original-Received: from 38.98.147.133 ([38.98.147.133])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Mon, 26 Sep 2011 16:37:09 +0200
Original-Received: from tzz by 38.98.147.133 with local (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Mon, 26 Sep 2011 16:37:09 +0200
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 33
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: 38.98.147.133
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:drYU74G5UqwIf8Sfwnk57B+aK58=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: </archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:144306
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/144306>

On Mon, 26 Sep 2011 11:52:54 +0200 Julien Danjou <julien@danjou.info> wrote: 

>> That makes no sense.  You are asking the user to enter information Emacs
>> is displaying.  Can you grab that information for them, so they don't
>> have to enter it?

JD> No, this would kill the whole point of OAuth. You may want to take a
JD> look at the spec of the protocol to understand how it works. :)

On Sun, 25 Sep 2011 13:50:05 -0700 Justin Lilly <justin@justinlilly.com> wrote: 

JL> w/r/t the entering a string, this is part of how oauth2 works for
JL> desktop applications. The other workflow is for web apps specifically.
JL> Familiarizing yourself with the spec might make reviewing the code a
JL> bit more sane as it should clear up some of these ambiguities.

Why can't Emacs behave like a web app?

I used OAuth 1 which had a similarly annoying feature.  It made it very
unlikely for users to try my code and I got many bug reports.  So I hope
we can avoid it.

The OAuth 2 spec (I found it at http://tools.ietf.org/html/draft-ietf-oauth-v2-22)
seems to provide for a seamless experience where the user authenticates
against a server and then the security code is fed back to the client
application through a redirect.  Perhaps I'm misunderstanding the flow;
my question is simply "if there's information Emacs knows, can you
please avoid asking the user to retype it?"  

I hope I don't have to know how to implement OAuth2 in order to
understand your answer to that question.

Ted