During my GSoC development I managed to build sample OAuth 1.0a client and server implementations.
I know that OAuth 1.0 is not the newest specification, and would be cool to create demos that show 2.0 spec in action. Hovewer, even OAuth 1.0a is more complicated than 2.0 aims to be, it is mature specification, do its work well and it's already implemented by number of big providers.
You can try OAuth client at: http://oauthclient.appspot.com/
and server at: http://cxfoauthserver.appspot.com/.
Client is just usual OAuth consumer that accesses protected resources from Resource Server. You can easily test your OAuth provider implementation with it or see how OAuth flow works by connecting to existing providers like Google, Yahoo, Twitter,.
Server on the other hand is a OAuth provider that bases on Apache CXF framework, and its OAuth module I'm working on. As I mentioned in my previous post, my Google Summer of Code project aims on making simple framework that helps developers to secure their JAX-RS services with OAuth.
Work is still in progress so I appreciate any comments on that.
Is the code for these apps online anywhere?
ReplyDeleteThanks for intererest. Here are examples: https://svn.apache.org/repos/asf/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/
ReplyDeleteThanks. I will check it out (no pun intended).
ReplyDelete