Menu
Some OpenSocial containers use xoauth_security_token for signing requests, instead of oauth_token and oauth_token_secret.
Is XOauth an alternative to OAuth?(*) Who is behind XOauth and where is the official spec?
Casual Googling only lead me to xoauth.py from google-mail-xoauth-tools project which just states it's a "utilities for XOAUTH authentication".
(*)Aside: it mustn't be, because the container uses other oauth_xxx parameters alongside the xoauth_xxx ones.
200
OAuth 2.0 is a standardized authorization protocol, Auth0 is a company that sells an identity management platform with authentication and authorization services that implements the OAuth2 protocol (among others). Save this answer.
OAuth (pronounced “oh-auth”) is a technological standard that allows you to share information between services without exposing your password. It's a widely-adopted standard that's used by developers of websites and apps, and you probably use services every day that utilize OAuth.
OAuth (Open Authorization) is an open standard authorization framework for token-based authorization on the internet.
OAuth and XACML It provides: An access control architecture. A policy language with which to express a wide range of access control policies including policies that can use consents handled / defined via OAuth. A request / response scheme to send and receive authorization requests.
Where did you see the use of xoauth_security_token? I googled it and did not get a single hit.
XOAuth is a SASL authentication mechanism which is based on OAuth signatures. It can be used for SMTP or IMAP authentication for instance. There's also a proposal to make it an IETF standard, as an official SASL mechanism. It is supported by Google and works well with Gmail for SMTP and IMAP access.
For more information how to implement and use it:
http://code.google.com/apis/gmail/oauth/protocol.html
HTH.
190
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
