| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Whenever you search in PBworks, Dokkio Sidebar (from the makers of PBworks) will run the same search in your Drive, Dropbox, OneDrive, Gmail, and Slack. Now you can find what you're looking for wherever it lives. Try Dokkio Sidebar for free.

View
 

OAuth book

Page history last edited by Tantek 11 years, 1 month ago

OAuth book

OAuth Up And Running

Original thoughts on an OAuth book:

  • Simple
  • Short
  • Focused on OAuth client development

 

working title: OAuth: Up & Running

Might still do this - there's probably a lot more demand for it than a more comprehensive book. Can probably re-use material from one for the other, and vice-versa.

 

Definitive Guide to OAuth 2

http://aaronparecki.com/The_Definitive_Guide_to_OAuth_2

http://aaronparecki.com/Talk:The_Definitive_Guide_to_OAuth_2

 

Some thoughts on writing an OAuth book with Aaron Parecki et al

 

Part 1 feedback

 

Re: Part 1 overall. If I was a developer wanting to get up and running with OAuth, I wouldn't want to wade through all the history and nitty gritty of how OAuth works. Need chapters on example applications instead.

Re: Chapter 1. History can be an appendix. A one page summary timeline intro would be sufficient. Perhaps 1 page on password anti-pattern bad, how Flickr solved it with Flickr-auth good, and then 1 page on how OAuth 1 and 2 are the generalization/standardization of what Flickr-auth did instead.

Re: Chapter 2 and 3 - move these to a latter advanced section.

Then from a developer's perspective, I would expect to see one chapter for each type of client that just walked me through the code I needed to write.

 

Part 2 feedback

 

Part 2 (Ch 4-12) - the whole thing seems far too plumbing centric. Great for someone into protocols, but intimidating/overwhelming from an application developer perspective. I understand why each of these might be important to know, however the packaging can be improved. That is, each Chapter should be a feature / user-scenario of an app which then requires using a specific feature of OAuth, that way the motivation to make the feature work is what drives learning/understanding the feature, which is likely to be more effective than mere protocol curiousity which tends to be much rarer.

 

Part 3 feedback

Part 4 feedback

Part 3 and 4 are definitely advanced sections.

Comments (0)

You don't have permission to comment on this page.