Social Web Q&A with Google’s Kevin Marks
I call this the “social cloud,” meaning that “social” will be integrated with the web so that you don’t think about it anymore. Charlene Li calls this same idea “social networks become like air.” The web itself is like this — following links seems like second nature to us because we know a URL can take us anywhere. -- (on OpenSocial and other things)
In this Q&A-style post, Kevin delves into the standards that make up the emerging open social stack (OpenID, OAuth, Portable Contacts, and OpenSocial), looking at the infrastructure problems they address, and exploring some of the live implementations, including Plaxo and Google Friend Connect.TwitterAuth: For Near-Instant Twitter Apps - Intridea Development Blog
Neat gem that uses Twitter as the login authentication for your app. Interesting idea and makes it one less thing to worry about when building a secured app.
TwitterAuth is a Rails plugin that provides a full external authentication stack for Rails applications utilizing Twitter.Rails Template: Create a Twitter Application in Seconds - Intridea Company Blog
u quickly build a TwitterAuth app for depl
Twitter Demo AppTwitter API Wiki / Sign in with Twitter
pattern of authentication that allows users to connect their Twitter account with third-party services in as little is one click. It utilizes OAuth and although the flow is very similar, the authorization URL and workflow differs slightly as described below.
Use your twitter account as an openID account to sign-inHueniverse: Introducing 'Sign-in with Twitter', OAuth-Style "Connect"
adding site sign-in using twitter
Interesting differentiations between OpenID and OAuth ... neither of which I have played with that much. But twitter has recently implemented an OAuth solution.
From HueniverseOpenID: Now more powerful and easier to use! | OpenID
This is the way the web should work. Facebook - pleas join this!
Google, Yahoo! and MySpace support for OpenIDHow the OAuth Security Battle Was Won, Open Web Style - ReadWriteWeb
And that's how a decentralized community solved a security threat in an open identity spec, quickly. One company (Twitter) took a risk at implementing a new technology advocated by an employee of another company (Yahoo's Hammer-Lahav), then an engineer at yet another company found the beginning of the security hole, then news of the whole problem was sent out to contacts on a Wiki, an email list was formed, companies donated their employees' valuable time to aid in the effort, everyone more or less kept their mouths shut (including the unfairly criticized Twitter) and then everyone worked together to find a solution just in time. I think that's a pretty cool story.
RT @jayrosen_nyu: I understood about 40% of this, but wow, what a story. How OAuth Security Battle Was Won, Open Web Style http://tr.im/jICt [from http://twitter.com/CircleReader/statuses/1617435709]
At some point in conversation Hammer-Lahav realized that the problem went far beyond the Twitter implementation. The OAuth protocol had an inherent vulnerability; big companies like Google, Netflix and Yahoo had implemented OAuth and scores of tiny startups had too... OAuth has support, but it doesn't have a centralized authority ready to deal with problems like this. Over the next week a story unfolded as the community moved to deal with the security issue. It's a dramatic story.Facebook Connect vs. Sign in with Twitter
Twitter has quietly given some developers access to a new feature, Sign in with Twitter, which uses Twitter's new OAuth technology to allow people to log into
which uses Twitter’s new OAuth technology to allow people to log into and ac
tter has quietly given some developers access to a new feature, Sign in with Twitter, which uses Twitter’s new OAuth technology to allow people to log into and access 3rd party websites using their Twitter accountsHueniverse: Explaining the OAuth Session Fixation Attack
Every OAuth provider should encapsulate OAuth authorization inside OpenID. Better UX, lesser redirects http://bit.ly/7qbfPB
OAuth-enabled APIs suGoogle Code Blog: Google OpenID API - taking the next steps
use of Portable contacts api for google
In case you missed the announcement a while back, Google Contacts now available through Portable Contacts standardOAuthプロトコルの中身をざっくり解説してみるよ - ゆろよろ日記