by BillinghamJ 3027 days ago
Hmm yes, good point. Have slightly adjusted the post.

Assuming you have fully read and understood the OAuth spec, I find that it can be a helpful resource to identify the more complex considerations that might be easily missed in a home-grown auth implementation.

That being said, in my company's case, I haven't entirely followed my own advice, and we did implement our own OAuth 2 server. But we do know the spec pretty comprehensively.

Edit: if anyone's interested in our particular flavour of the protocol, we have it documented at https://github.com/cuvva/docs/blob/master/apis/auth.md#send_...