Implementing a 2 Legged OAuth Provider

Posted by Rob Wilkerson on Stack Overflow See other posts from Stack Overflow or by Rob Wilkerson
Published on 2010-03-29T18:15:52Z Indexed on 2010/03/30 11:33 UTC
Read the original article Hit count: 637

Filed under:
|
|

I'm trying to find my way around the OAuth spec, its requirements and any implementations I can find and, so far, it really seems like more trouble than its worth because I'm having trouble finding a single resource that pulls it all together. Or maybe it's just that I'm looking for something more specialized than most tutorials.

I have a set of existing APIs--some in Java, some in PHP--that I now need to secure and, for a number of reasons, OAuth seems like the right way to go. Unfortunately, my inability to track down the right resources to help me get a provider up and running is challenging that theory. Since most of this will be system-to-system API usage, I'll need to implement a 2-legged provider. With that in mind...

  1. Does anyone know of any good tutorials for implementing a 2-legged OAuth provider with PHP?
  2. Given that I have securable APIs in 2 languages, do I need to implement a provider in both or is there a way to create the provider as a "front controller" that I can funnel all requests through?
  3. When securing PHP services, for example, do I have to secure each API individually by including the requisite provider resources on each?

Thanks for your help.

© Stack Overflow or respective owner

Related posts about oauth

Related posts about oauth-provider