Oh, I misread your files this morning and this makes a lot more sense
now. Note to self, don't review ObjC until I have had at least 3 cups
of coffee.
++
Corinne
On Jan 6, 2014, at 5:04 PM, Summers Pittman <supittma(a)redhat.com> wrote:
> On 01/06/2014 10:48 AM, Corinne Krych wrote:
>> Agreed. We could find a common way to treat both tokens and apply them.
>> Make a proposal for android and I'll create a JIRA for iOS.
>> this is at implementation level though and should not affect interfaces.
>> Different interfaces still needed for auth and authz though.
> True. But it may simplify both interfaces (like removing login/logoff/enroll from
authz)
>>
>> ++
>> Corinne
>> On Jan 6, 2014, at 4:39 PM, Summers Pittman <supittma(a)redhat.com> wrote:
>>
>>> On Mon 06 Jan 2014 10:36:32 AM EST, Corinne Krych wrote:
>>>> Summers,
>>>>
>>>> Do you mean, should we refactor and treat authToken and accessTokens in a
similar way for the implementation of OAuth2?
>>> Yes. That is what I am proposing.
>>>
>>>> ++
>>>> Corinne
>>>> On Jan 6, 2014, at 4:33 PM, Lucas Holmquist <lholmqui(a)redhat.com>
wrote:
>>>>
>>>>> On Jan 6, 2014, at 10:21 AM, Summers Pittman
<supittma(a)redhat.com> wrote:
>>>>>
>>>>>> So in JS land and iOS land we have or will soon have OAuth2
handling.
>>>>>> To handle OAuth2 a new API was created, AGAuthorizationModule.
I
>>>>>> understand and agree with the separation of concerns between
>>>>>> Authentication and Authorization, but I am worried that this
introduces
>>>>>> two APIs now.
>>>>>>
>>>>>> Before Authz was added Authentication (login, logout, etc) and
>>>>>> Authorization(here are my keys and permissions) were both handled
by
>>>>>> AGAuthenticationModules. With Authz now being a thing we should
>>>>>> probably remove and deprecate the authz parts of the old
>>>>>> AuthenticationModules.
>>>>>>
>>>>>> see iOS
>>>>>>
https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGea...
>>>>>>
>>>>>> see Android
>>>>>>
https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/ae...
>>>>>>
>>>>>> see Javascript: I couldn't actually find this in
javascript…
>>>>> We didn't have authz in our auth stuff, so it made sense to
create a separate thing.
>>>>>
>>>>>> wdyt?
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> aerogear-dev mailing list
>>>>>> aerogear-dev(a)lists.jboss.org
>>>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>>
>>>>> _______________________________________________
>>>>> aerogear-dev mailing list
>>>>> aerogear-dev(a)lists.jboss.org
>>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev(a)lists.jboss.org
>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>
>