Active
Project:
oAuth2 Connect
Component:
Code
Priority:
Normal
Category:
Support request
Assigned:
Unassigned
Reporter:
Created:
11 Apr 2012 at 04:27 UTC
Updated:
12 Apr 2012 at 05:50 UTC
Jump to comment: Most recent
The D7 version supports oauth2, with its own submodule (that stands on the shoulders of oauth).
I am specially interested in tour roadmap item
- Create access token refresh functionality
Didn't have the time yet to think that over(or code), but I know that some day I will need to implement that for the D7 version.
Shouldn't we work together?
Comments
Comment #1
gansbrest commentedHi
Yes, I saw that D7 version of oauthconnect has the oAuth2.0. It just requires too many modules in my opinion and it was hard for me to follow what's going on there. I would like to provide simpler / more straightforward solution, especially with oAuth2.0 which is fairly simple protocol.
I will dig a little more into connector module, before writing my own integration, but from initial review it seemed a little clunky to me. Again, this is just my opinion and I noticed that you made some contributions to that module. Maybe you will feed in more details about it, or just an opinion.
As for the access token refresh functionality - I think it should belong to specific plugin, i.e. plugin should know the implementation details and other modules just call some kind of factory method to get the access token. We will need to think how to expose it better, but keep the refresh implementation in the plugins.
I would be glad to work with u on this - looking forward to your patches and ideas!
Comment #2
frans commentedThe thing with connector and oauthconnector for D7 is that those are quickly ported from D6. That make some parts not well thought over. Still I feel that most use cases are thought over. With a little polish and time, it can shine like a star!
Yes, oAuth is pretty simple, but it will never be simple to configure, due to the implementations by providers and as developer you should know what you are doing...
What you do in the classes is basically what an administrator does in the admin of oauthconnector, leaving him/her room to configure unknown oauth providers, without coding. That makes of course the code more complicated and indeed sometimes a little clunky.
The problem with doing things in code is that it needs to be maintained and tested, for every provider.
IMHO, it is best to write a patch for oAuth.module. First to support version 2, then second to support refresh token.
I don't see what is so bad about the modules that are needed, since most of them are util modules that provide functionality that should make live easier and they solve their own issues, without exposing problems to modules build on top of that (or at least, they shouldn't).
I do see that there are issues with the current approach of connector and oauthconnector, but I think those can be solved and then have a module that can be used for every oauth connection, without coding.
Comment #3
joaogarin commentedAny news on this topic? Especially regarding the oauth support for refresh tokens, any ideas on how to achieve the functionality?
I am integrating with box and would like to know how to be able to save my refresh tokens.
Best regards,
Joao Garin