Created: 2008-12-19 15:49
Updated: 2016-05-08 19:48
License: mit


There's Auth, there's OAuth, and there's OohAuth.

OohAuth extends merb-auth-more with a functionally-complete approach to OAuth, turning your merb-auth applications into full OAuth providers.

OAuth at a glance:

  • Your users won't have to give their names and passwords to client applications
  • Your users can revoke or limit access from a particular client at any time
  • Your users do not have to give client applications everything they need to steal their account
  • Your developer community can authenticate using a solid authentication schema endorsed by industry giants
  • Resilient to both man-in-the-middle and signature replay attacks.

OohAuth gives you:

  • Integration with merb-auth and your application's own User model
  • RESTful creation of API keys for client apps
  • RESTful creation of request and access tokens to allow client apps to authenticate on behalf of users
  • merb-auth strategies for both web-based and non web-based API authentication.

It depends on:

  • merb-slices
  • merb-action-args
  • merb-auth-core
  • merb-auth-more
  • nokogiri (tests only)
  • ruby-hmac
  • Erb (we need your help to get started on HAML support)
  • datamapper (we need your help to become ORM-agnostic)

You should read:

Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more