Let's keep this oauth1 repo private then and close PRs for now.<div>No pb.</div><div>++</div><div>Corinne<br><br>On Tuesday, March 31, 2015, Matthias Wessendorf <<a href="mailto:matzew@apache.org">matzew@apache.org</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Mar 31, 2015 at 8:57 PM, Bruno Oliveira <span dir="ltr"><<a href="javascript:_e(%7B%7D,'cvml','bruno@abstractj.org');" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">I'm sorry if I'm late for the discussion, but I will voice my concerns anyways.<div><br></div><div>1. I don't see the real need/use case/scenario to support OAuth1. I'm not saying that OAuth1 is bad, but currently even after reading the GSoC proposal, I can't see which problem we're trying to solve here.</div><div><br></div><div>2. The big win of our APIs, is the extensibility. In my mind is: implement by your own if our SDK don't have it. If we're willing to maintain 2 protocols + OAuth1/2 providers outside, I'm a bit concerned about the bandwidth to maintain this codebase.</div><div><br></div><div>By that I mean, not only writing the code, but keep an eye on the vulnerabilities from an OAuth1 provider located in Springfield, for example. Because someone thought would be cool to support The Simpsons.</div><div><br></div><div>3. I think we have to be cautious about not reinvent the wheel. Several SDKs for social already the job for most of the popular APIs outside.</div></div></blockquote><div><br></div><div><br></div><div>yes, for JS we agreed to not create any social provider support, since they exist already (and why would I as a Twitter developer use a provider from somewhere else).<br></div><div><br></div><div>So for iOS I agree that initial work to move the FB/Google providers out, as discussed on thread you reference under [1], but I am not really seeing us moving towards a social framework nor as a provider for several social networks. </div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div><br></div><div>4. Our APIs are pretty much in a good shape, but there's always a room for improvements. If we suggest to people to improve the already existent APIs, instead of creating new ones, that in my personal opinion would be a good GSoC proposal.</div></div></blockquote><div><br></div><div>I like that idea and looking here <a href="https://aerogear.org/docs/guides/security/oauth2-guide/#_overview" target="_blank">https://aerogear.org/docs/guides/security/oauth2-guide/#_overview</a> perhaps the we should change the subject and really improve the feature set, and improve existing API.</div><div><br></div><div>If the student wants to leverage the work for a specific social network of choice, as a test-case, that's fine - but I am not sure if adding support for yet another social network really makes sense.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div><br></div><div>This is only my 2 cents. I think we should make our SDKs stronger, than they already are, instead of implement more stuff without a good reason.</div><div class="gmail_extra"><div><div><br><div class="gmail_quote">On Tue, Mar 31, 2015 at 9:58 AM, Luke Holmquist <span dir="ltr"><<a href="javascript:_e(%7B%7D,'cvml','lholmqui@redhat.com');" target="_blank">lholmqui@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span>On Thu, Mar 26, 2015 at 2:09 PM, Matthias Wessendorf <span dir="ltr"><<a href="javascript:_e(%7B%7D,'cvml','matzew@apache.org');" target="_blank">matzew@apache.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span><br><br>On Thursday, March 26, 2015, Corinne Krych <<a href="javascript:_e(%7B%7D,'cvml','corinnekrych@gmail.com');" target="_blank">corinnekrych@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><br>
> On 26 Mar 2015, at 17:25, Matthias Wessendorf <<a>matzew@apache.org</a>> wrote:<br>
><br>
><br>
><br>
> On Wed, Mar 25, 2015 at 5:03 PM, Corinne Krych <<a>corinnekrych@gmail.com</a>> wrote:<br>
> Hello All,<br>
><br>
> As discussed in this thread [1], we are going to create an aerogear-ios-social repository to host FacebookConfig... etc. When it’s specific to a provider it will go in social.<br>
><br>
> +1<br>
><br>
> but I don't get why we now also work on support for OAuth1<br>
<br>
aerogear-ios-social will be part of GSoC, this PRs are to prepare the work our student will do. I’ve created the JIRAs for that.<br>
<br>
To have a proper social library we need to have both OAuth1 and 2.<br>
Similar approach for oauth / http integration.<br>
Our oauth1 lib should eventually use aerogear-ios-crypto.</blockquote><div><br></div></span><div>I am not sure if we really should put a lot of effort on a proper social lib, including oauth2. A bit surprised this is included in 2.3<span></span> </div></blockquote><div><br></div></span><div>I sort of agree with this.</div><div><br></div><div>I was wondering why we need this exactly? Don't the native platforms(iOS, Android) already have SDK's and integration with FB, G+, and twitter already.</div><div><br></div><div>i know this is a major reason why the JS lib isn't planning a social lib. Those libs already exist</div><div><div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
><br>
> -Matthias<br>
><br>
> Social lib work is tracked under epic AGIOS-409 [2]. We also have a GSoC [2] for the iOS social lib so hopefully we’ll have some help here ;)<br>
><br>
> As a first step toward Social framework, AGIOS-419 provides support for OAuth1.<br>
> Here is a list of related PRs to review together:<br>
> - ios-http: <a href="https://github.com/aerogear/aerogear-ios-http/pull/40" target="_blank">https://github.com/aerogear/aerogear-ios-http/pull/40</a><br>
> - ios-oauth2: <a href="https://github.com/aerogear/aerogear-ios-oauth2/pull/26" target="_blank">https://github.com/aerogear/aerogear-ios-oauth2/pull/26</a><br>
> - ios-oauth1: <a href="https://github.com/corinnekrych/aerogear-ios-oauth1" target="_blank">https://github.com/corinnekrych/aerogear-ios-oauth1</a><br>
><br>
> The cookbook demo app [3] (which eventually will use ios-social pod) uses Twitter and can be used to test the PRs.<br>
><br>
> PR review and comments welcome!<br>
><br>
> ++<br>
> Corinne<br>
> [1] <a href="http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Android-Refactoring-OAuth2-configuration-td11113.html" target="_blank">http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Android-Refactoring-OAuth2-configuration-td11113.html</a><br>
> [2] <a href="https://developer.jboss.org/wiki/GSOC15Ideas#jive_content_id_Go_Social" target="_blank">https://developer.jboss.org/wiki/GSOC15Ideas#jive_content_id_Go_Social</a><br>
> [3] <a href="https://github.com/corinnekrych/aerogear-ios-cookbook-1/tree/incognito/Incognito" target="_blank">https://github.com/corinnekrych/aerogear-ios-cookbook-1/tree/incognito/Incognito</a><br>
><br>
><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
> <a>aerogear-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
><br>
><br>
><br>
> --<br>
> Matthias Wessendorf<br>
><br>
> blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
> sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
> twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
> <a>aerogear-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
<br>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a>aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></blockquote><br><br></div></div><span><font color="#888888">-- <br>Sent from Gmail Mobile<br>
</font></span><br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div></div></div><br></div></div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br></div></div><span><font color="#888888"><div><div><br></div>-- <br>"The measure of a man is what he does with power" - Plato<br>-<br>@abstractj<br>-<br>Volenti Nihil Difficile</div>
</font></span></div></div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a></div>
</div></div>
</blockquote></div>