There's Auth, there's OAuth, and there's OohAuth.
OohAuth extends merb-auth-more with a functionally-complete approach to OAuth, turning your merb-auth applications into full OAuth providers.
OAuth at a glance:
- Your users won't have to give their names and passwords to client applications
- Your users can revoke or limit access from a particular client at any time
- Your users do not have to give client applications everything they need to steal their account
- Your developer community can authenticate using a solid authentication schema endorsed by industry giants
- Resilient to both man-in-the-middle and signature replay attacks.
OohAuth gives you:
- Integration with merb-auth and your application's own User model
- RESTful creation of API keys for client apps
- RESTful creation of request and access tokens to allow client apps to authenticate on behalf of users
- merb-auth strategies for both web-based and non web-based API authentication.
It depends on:
- nokogiri (tests only)
- Erb (we need your help to get started on HAML support)
- datamapper (we need your help to become ORM-agnostic)