Comments (13)
AIUI, OAuth is horrible to implement if you want to support anything other than web applications for clients.
However, if your heart is set on it, there's already a spec for SASL over IRC, so you could define a SASL mechanism for OAuth and implement that.
from ircv3-specifications.
Agreed that if you want to use it, then it should be a SASL mechanism. Perhaps even reuse Google's XOAUTH2...
from ircv3-specifications.
@docwhat Are you willing to work on this in the future?
from ircv3-specifications.
I've never written specs before. What's involved?
from ircv3-specifications.
@docwhat Implementing it would help, too.
from ircv3-specifications.
Yeah...you don't want me writing C++. I learned way back in '92… it was a broken language then.
from ircv3-specifications.
The IETF's kitten WG is developing A set of SASL Mechanisms for OAuth - this could be a useful starting point.
from ircv3-specifications.
IRC software can be imlemented in other language too, not only C++...
from ircv3-specifications.
I think before anyone seriously considers pulling this in, they should consider the usability aspects of how this would integrate into the IRC client.
Would this be targeted at all clients or just web clients which can hide the details, etc. It seems non-intuitive to me for example, that you would open your browser and do the OAuth dance and then manually configure weechat or whatever to use them, when we already have SASL EXTERNAL. Then there is the matter of integrating it into the authentication layer of the network, who/what would issue the authoritative tokens, for example.
To me the only major beneficiary of this scheme would be web clients, feel free to correct me if I misunderstood.
from ircv3-specifications.
It could work with graphical desktop clients as well (e.g. embedded WebKitGTK or MSHTML for the auth dialog, or redirect-to-localhost, both methods already in use by various Twitter &c. clients).
from ircv3-specifications.
Please don't encourage such broken things. IRC already has authentication methods which are less painful than that.
from ircv3-specifications.
IRC already has authentication methods that are less painful than that.
Especially since for non-web apps OAuth is pretty much a convoluted way of directing the user to the "issue a per-app password" screen.
from ircv3-specifications.
Closing due to lack of support and implementation consideration.
from ircv3-specifications.
Related Issues (20)
- CHATHISTORY: consider an API to discover DM correspondents HOT 8
- A capability for enabling receiving arbitrary standard replies HOT 3
- ISUPPORT UTF8ONLY is not backwards-compatible. HOT 10
- BOT flag lacks notification of change HOT 5
- sasl spec should clarify that AUTHENTICATE is a normal IRC message HOT 2
- CAP DEL undefined behavior
- oper tag HOT 1
- Unclear how servers should send cap updates HOT 2
- Standardize pre-welcome FAIL ACCOUNT_REQUIRED HOT 3
- Client-tag for specifying in which shared channel a private NOTICE should be displayed HOT 5
- CVE-2022-2663 defence-in-depth: Specify CTCP PING character limits HOT 4
- CHATHISTORY: Clarify a limit of 0 in messages HOT 7
- Multiline messages: Clarify what counts towards max-bytes and what doesn't
- sasl-3.1: Mention size limit of incoming SASL authentication messages HOT 1
- Chat history + Channel rename HOT 3
- irc Some privacy issues HOT 5
- sasl: spec recommendations breaks single roundtrip connection registration HOT 4
- Unresolved issues with message redaction HOT 6
- CHATHISTORY: clarify behaviour when messages have no consistent total ordering
- draft/account-registration: should all responses use standard-replies? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ircv3-specifications.