Comments (17)
Agreed.
Original comment by brunobg%[email protected]
on 12 Jan 2010 at 6:54
- Changed state: Accepted
- Added labels: Type-Enhancement
- Removed labels: Type-Defect
from oauth-php.
Is there any anticipated timeline to this dependency being removed?
Original comment by philfreo
on 5 Apr 2010 at 5:22
from oauth-php.
Hi, not yet. Why is using _SESSION a problem for you?
Original comment by brunobg%[email protected]
on 7 Apr 2010 at 7:50
from oauth-php.
_SESSION is difficult to get working when you have a large site scaling across
multiple servers. Does it really
need to use sessions? Can it use the app's own user ID (rather than a session
cookie) and store the data in the
database? It'd be good if there was separate instance of something like Store,
where you could choose between
$_SESSION, using Memcached, the database, etc.
Original comment by philfreo
on 7 Apr 2010 at 7:57
from oauth-php.
I see, but doesn't session_set_save_handler() already provides what you are
looking for?
I'm afraid that people will need lots of different store options and each will
need
to be highly customizable to work efficiently with the rest of existing code.
Original comment by brunobg%[email protected]
on 8 Apr 2010 at 1:03
from oauth-php.
I think session_set_save_handler() is the wrong way to go here. It seems like
this framework shouldn't be dependent upon
$_SESSION, but rather use a generic interface. The point is that you don't
have to write each person's different needed store
option/implementation, but rather that the framework provides an extendable
class or interface that can be used as a base.
For example, none of the framework's provided Store implementations worked for
exactly what I needed, but because it was set
up nicely I could create a class that extended the OAuthStoreSQL class --
without modifying any of the framework's classes --
to fit my implementation. It'd be much better if $_SESSION was similarly
abstracted, and just provided a simple implementation
that used $_SESSION that would work for the majority of simple cases but not
make the entire framework dependent upon it.
What, exactly, is $_SESSION being used for now? Can it use the app's own user
ID (rather than a session cookie) instead?
Original comment by philfreo
on 9 Apr 2010 at 6:59
from oauth-php.
Ok, I see.
$_SESSION is being used by the authorization verification code. I've carefully
analyzed the code, however, and there seems to be no need for using _SESSION or
any
similar persistent storage. Since it's Friday evening :) I'll check with the
original
writers to see if I'm missing something (perhaps there is a case where it makes
sense).
If necessary, I'll write the new storage classes.
BTW, if your code changes could be useful to other people, send me a patch and
I'll
include them on the next release.
Original comment by brunobg%[email protected]
on 9 Apr 2010 at 11:43
from oauth-php.
Great! Looking forward to seeing what happens with it.
I'll definitely be sure to submit any code that I think could be of use to
others.
Thanks!
Original comment by philfreo
on 12 Apr 2010 at 5:03
from oauth-php.
Revision 106 has the new code with the _SESSION dependency removed. It uses a
system
analogous to the store, and I implemented only the _SESSION class.
To those watching this issue, if you create another session class, please send
the
code and I'll add to the SVN and next releases. If you need to make changes to
OAuthSession talk to me.
I tested the code and it's working. Since it's a pretty straightforward change,
I'll
consider this fixed and wait for the tons of session classes you will send me ;)
Original comment by brunobg%[email protected]
on 16 Apr 2010 at 6:35
- Changed state: Fixed
from oauth-php.
Overall the changes look good to me!. (Still haven't finished fully testing
though)
Looks like OAuthSessionSESSION.php declares it as an abstract class but it
shouldn't.
OAuthSession.php - line 44 - default $store parameter value should be 'SESSION'
rather than 'Session' if the file
name is going to remain all uppercase.
Original comment by philfreo
on 20 Apr 2010 at 5:49
from oauth-php.
Also, the OAuthSessionSESSION doesn't extend OAuthSessionAbstract like it
should.
(these comments are as of r108)
Original comment by philfreo
on 20 Apr 2010 at 5:51
from oauth-php.
Fixed.
Original comment by brunobg%[email protected]
on 20 Apr 2010 at 2:18
- Changed state: Started
from oauth-php.
I just remade all my tests and caught another bug. The session code validated
now
(r114).
Original comment by brunobg%[email protected]
on 20 Apr 2010 at 3:24
from oauth-php.
Since I've tested this and I'm already running on an internal server with
success, if
nobody has anything else to add in the next few days I'll consider this one
closed.
Thank you all for the feedback.
Original comment by brunobg%[email protected]
on 28 Apr 2010 at 5:48
from oauth-php.
Trying to test the latest version and am not sure the best place to report this.
When trying to run mysql.sql... I get the error below.
Please make sure that both the comments at the top "ALTER TABLE" are up to
date, as well as the actual file for
fresh installations.
---
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that
corresponds to your MySQL
server version for the right syntax to use near '(128) not null,
ost_token_ttl datetime not null default '9999-12-31',
' at line 9
Original comment by philfreo
on 1 May 2010 at 7:59
from oauth-php.
@philfreo: the file had some tabs, which were being rejected by mysql. The file
is up
to date and I removed the tabs. Fixed on r121. Thanks for the report.
Original comment by brunobg%[email protected]
on 3 May 2010 at 7:37
from oauth-php.
Closing this.
Original comment by brunobg%[email protected]
on 6 May 2010 at 3:00
- Changed state: Fixed
from oauth-php.
Related Issues (20)
- Minor fix that allows for the implementation of your OAuthStore
- OAuth POST request combines parameters from original server request with parameters being sent via oauth for Oauth consumers HOT 1
- Array of Array
- No server associated with consumer_key "..."
- Putting project to packagist
- Saving Recurring events from Google calendar api
- connect Oauth(PHP) Client to Oauth server (ruby on rails)
- cgi sapi oauth callback is required hot fix available
- Error with OAuth instance 2legged
- Invalid consumer HOT 1
- remote server request error
- Error when creating tables with foreign key constraints
- POST data included in signature when content type is "multipart/form-data" HOT 4
- I get error "Authorized token from Service Provider does not match supplied Request Token details"
- Patch for /trunk/example/client/twoleggedtwitter.php
- OAuth Verification Failed HOT 1
- oAuth with PHP 4.4.9
- where is the updateConsumer function? HOT 1
- [deleted issue]
- SQL bug (with fix) in PostgreSQL Store checkServerNonce method
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth-php.