Sep 5, 2008 3
Bringing OAuth to .NET developers
Over the last few months, as part of Madgex’s ongoing commitment to research and development, I have been working closely with Chris Adams to build an OAuth library for .NET, which we’ve cleverly named OAuth.net.
Today, I’m delighted to announce that Madgex is open-sourcing this library for everyone to use. To mark the occasion, we’ve put some demos up on the Madgex Lab site and loaded the source code on to Google Code!
OAuth: simple, standard and secure API authentication
OAuth is a fresh new standard that allows users to share their online data between different web, desktop and mobile applications without also having to share their passwords.
A great example of a use case is the friend import feature that all social networks seem to have. Just give them your email address and password, and they will kindly go off and find your friends for you! Oh, and they promise not to write your password down on any post-its. Honest.
Hopefully, everyone can see how this is a Bad Idea. It’s so bad, in fact, that it has a big scary name: the Password Anti-Pattern. With OAuth, however, you don’t have to give the social network your password; instead they simply send you to your webmail site where you log in and issue them a special token. The token, like a valet car key, gives access to your contacts but is useless for any other purpose.
Of course, OAuth isn’t just for sharing address books. OAuth can (and should) be used wherever a user’s private data is to be shared between a website and a third-party web, desktop or mobile application. Other examples include location-aware applications that fetch your location from Fire Eagle, and photo printing sites that turn your online photos into lovely printed albums.
Find out more
If I’ve piqued your interest (and I hope I have), here’s how to find out more. First, I will be talking about OAuth at Barcamp Brighton 3 this weekend, so if you’re lucky enough to have a ticket, pop along to my session and ask me lots of tough questions! Madgex also have a stand at dConstruct today, so feel free to pop along and grab Chris, Glenn or me for a chat. We’ll also be at ReMix UK 08 in a few weeks time, if you’re not around this weekend.
Next, download the source code and peruse the examples on the Madgex Lab site. For a more in-depth discussion, I’ve written a getting started guide where I show how to build a Fire Eagle mashup with Google Maps.
Finally, we’d love to hear from you, so email us at oauth-dot-net@madgex.com or tweet me, Glenn or Chris.
Update: Barcamp Brighton 3 presentation slides
I’ve uploaded the presentation slides here. (Although the slides are quite sparse, pretty much everything I said is in the notes for the slides)
