jerakeen.org

by Tom Insam

OAuth and HTTP caching

created 23 September 2009 in links tagged headers, http, oauth and security.

Every single piece of infrastructure that people are using on the Web today was developed after the authenticate headers were designed. If people have designed a scripting host in such a fashion that the information does not make it through, that is clearly either a deliberate decision on their part or the system is so clueless that you probably don’t want to use it for any security related application in any case.

http://www.ietf.org/mail-archive/web/oauth/current/msg003...

Explaining the OAuth Session Fixation Attack

created 23 April 2009 in links tagged oauth and security.

Wow, OAuth has a really big hole in it. How did we (I say we because I’ve been over the spec a lot, not because I’m part of anything ‘official’) miss this? Doubly alarming because I can’t think of any solutions to it that don’t involve attaching parameters to the callback URL, thus screwing desktop/phone-based clients.

http://www.hueniverse.com/hueniverse/2009/04/explaining-t...

Commit 7c462a070bfe5faa4ae349c77c8342ff7e938656 to mzsanford’s oauth

created 14 April 2009 in links tagged oauth, patch, ruby and twitter.

Patch to the Ruby oauth gem so that you can pass non-ASCII parameters. This will hopefully fix the Dopplr API’s problems with the same thing. Silly Ruby.

http://github.com/mzsanford/oauth/commit/7c462a070bfe5faa...

jcrosby’s endpointr at master — GitHub

created 05 January 2009 in links tagged macos, oauth and software.

A Leopard UI for testing OAuth endpoints. Awesome.

http://github.com/jcrosby/endpointr/tree/master

Revision 622: /code/obj-c/OAuthConsumer

created 05 August 2008 in links tagged oauth, objectivec and programming.

An Objective-C OAuth consumer library. For doing something with on the iPhone. Not sure what. Something.

http://oauth.googlecode.com/svn/code/obj-c/OAuthConsumer/