REST APIs that make you pull down expiring access tokens as a prerequisite make my brain hurt so much...
-
-
@bascule this was more a critique of using OA2 for things it was not designed for. -
@kyledrake I forgot to mention it but OAuth(2) is terrible -
@bascule The biggest pain point is the "expires_in", which is not a timestamp so I have no idea when it was issued:https://gist.github.com/kyledrake/214221ab4bd10b78a585#file-paypal-rb-L8 … -
@kyledrake TLS certs encode a validity window in terms of datetimes. Macaroons work similarly. So does JWT FWIW. -
@bascule Nobody's implemented a ruby library for ACME yet, which uses JWT, so I may be diving into that pretty soon out of necessity. -
@kyledrake check out ruby-macaroons
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.