Posted by Rob Loach on August 5, 2008 at 7:41pm
| Project: | Services |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | task |
| Priority: | normal |
| Assigned: | sumitk |
| Status: | closed (fixed) |
Issue Summary
Sumit Kataria is a Google of Code student working on implementing a OAuth Server for the Services module. For some information about what he's working on and how OAuth works, visit OAuth General Information.
He has done a fantastic job so far in integrating OAuth into Drupal and needs to make some small modifications to Services core. He will create patches and upload them here, if you think they are good, feel free to give him commit access.
Comments
#1
patch coming very soon for services to work with OAuth -
OAuth module is to work with Services only, you can checkout a copy from CVS to make a test
#2
Hi all
OAuth and Services (to work with OAuth) are now ready for a release
I am attaching a tar containing both modules here
#3
Mind sticking it in a patch?
#4
Hi
here is patch for services to work with OAuth module
Please download latest oauth module from cvs to work with - a video coming soon showing how to use this module in detail
Basic details of OAuth module is on http://sumitk.net and soc-2008 project wiki page
#5
HI guys
summer of code is ending we need to review this patch for services - to work with OAuth system and oauth module in drupal
#6
Hi Sumit
I have just done a quick review of your patch.
By my understanding the idea is that a service uses the existing API keys or the Oauth keys. As a result selecting to use Oauth should be implemented as a radio button, with the other option being the key api, rather than a checkbox.
What version of code was this patch generated against? It looks as if the patch was done on code retrieved from 6 head but then the patch itself was generated against the current release version of services.
The functions check_nonce and lookup_nonce code be tidied up. They could indeed be combined into one function e.g
function check_nonce($nonce, $timestamp) {/*{{{*/// verify that the nonce is uniqueish
$found = lookup_nonce($nonce, $timestamp);
if (db_result(db_query("SELECT count(*) FROM {oauth_nonce} WHERE nonce_timestamp='%s'", $timestamp))) {
return FALSE;
}
else{
db_query("INSERT INTO {oauth_nonce} (nonce, nonce_timestamp) VALUES ('%s', %d)", $nonce, $timestamp);
return TRUE;
}
}
Also shouldn't nonce be included in DB query as there could be muiltiple timestamps the same?
Your code also has tabs within in it when it should be spaces and there are some other style errors in the code. Using the coder module will help you quickly correct style errors.
Otherwise looks good
Marc
#7
Guys,
i will mantain the OAuth discussion on http://drupal.org/node/238814, right?
regards,
massa
#8
nice #238814 is right place for it now
#9
#10
As seperate ticket exists