My favorites | Sign in
Project Home Downloads Wiki Issues Source
READ-ONLY: This project has been archived. For more information see this post.
Search
for
  Advanced search   Search tips   Subscriptions
Issue 12: Split OAuth2 logic from input/output processing
1 person starred this issue and may be notified of changes. Back to list
Status:  New
Owner:  ----


 
Reported by indey...@gmail.com, Dec 29, 2010
Currently, OAuth2 is implemented as a single class. It works good for usual php web-app cases, but makes it difficult to use the class for processing requests in daemonig fashion (in loop, when input is supplied as arrays and output is expected as return values).

I propose to introduce additional class, object of which will work as input/output proxy. Default implementation would do just what is currently done (getting data from _GET, _POST, _SERVER, filter_input_array, outputting data with header() and echo).

And custom implementations would allow to use OAuth2 in daemonic or batch-processing tasks. Also, this would allow to implement a clean set of tests
Feb 12, 2011
#1 hswong3i@gmail.com
I think this is a good suggestion too. BTW, any code snippet as example of your idea?
Sep 14, 2011
#2 nikolas....@gmail.com
I agree. Instead of directly accesing the the superglobals $_SERVER/$_POST/$_GET i would suggesto introduce kind of a "request" object, that can be injected to the actualy oauth object. 

This would be useful for unit testing as well since one could mock this request object.

Same should be done for the backend tocken handling. Instead of using inheritence i suggest to introduce a "backend object" implementing an interface and inject this as well.
So the the actual oauth lib would do nothing but talking its request and the backend object without knowing their inner logic aka data source.

 
Sep 14, 2011
#4 nikolas....@gmail.com
Some visuals just to get an idea:
http://tinyurl.com/6aeguzd

the request should probably offer an opportunity to esplictly get "crytable" parameters (like $_POST) for web. (needed for grant access token and grant type password)



Powered by Google Project Hosting