OAuth book

Page history last edited by Tantek 8 years, 11 months ago

OAuth Up And Running

Original thoughts on an OAuth book:

  • Simple
  • Short
  • Focused on OAuth client development

 

working title: OAuth: Up & Running

Might still do this - there's probably a lot more demand for it than a more comprehensive book. Can probably re-use material from one for the other, and vice-versa.

 

Definitive Guide to OAuth 2

http://aaronparecki.com/The_Definitive_Guide_to_OAuth_2

http://aaronparecki.com/Talk:The_Definitive_Guide_to_OAuth_2

 

Some thoughts on writing an OAuth book with Aaron Parecki et al

 

Part 1 feedback

 

Re: Part 1 overall. If I was a developer wanting to get up and running with OAuth, I wouldn't want to wade through all the history and nitty gritty of how OAuth works. Need chapters on example applications instead.

Re: Chapter 1. History can be an appendix. A one page summary timeline intro would be sufficient. Perhaps 1 page on password anti-pattern bad, how Flickr solved it with Flickr-auth good, and then 1 page on how OAuth 1 and 2 are the generalization/standardization of what Flickr-auth did instead.

Re: Chapter 2 and 3 - move these to a later advanced section.

Then from a developer's perspective, I would expect to see one chapter for each type of client that just walked me through the code I needed to write.

 

Part 2 feedback

 

Part 2 (Ch 4-12) - the whole thing seems far too plumbing-centric. Great for someone into protocols, but intimidating/overwhelming from an application developer perspective. I understand why each of these might be important to know; however, the packaging can be improved. That is, each chapter should be a feature / user-scenario of an app which then requires using a specific feature of OAuth. That way the motivation to make the feature work is what drives learning/understanding the feature, which is likely to be more effective than mere protocol curiosity, which tends to be much rarer.

 

Part 3 feedback

Part 4 feedback

Part 3 and 4 are definitely advanced sections.
