(программистское)
Aug. 27th, 2011 05:51 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
jsnAm I missing something huge, or did Yahoo indeed went to great lengths to make their OpenID *and* OAuth support utterly useless (borderline harmful, in fact) for any purposes related to, eh, identification? It's called "Open *ID*", for Pete's sake. The consumer should be given an unique, recognizable, human readable identification name or URL or something. What they give you instead is a pair of Last name, First name (practically guaranteed to be non-unique, and user-editable anyway), and God-awful random token a few miles long, useless for every practical intent and purpose. No usable nickname, no profile link, no email, nothing. WTF were they thinking? So okay, OpenID was a damn mess to start with, but then they go ahead and implement the new shiny OAuth spec, hooray! Oh wait, here we go again: no nickname, no profile link, and an ugly useless random token. F-ng atrocious.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2011-08-28 08:48 pm (UTC)Разумеется, это не identity. Интеграция с federated login в общем случае не сводится к identity. Which is exactly the point I'm trying to make.
Токены фейсбучные утекают регулярно, я полагаю. Фейсбуковская автоматика ловит, полагаю, такие случаи на взлёте и не вспотев. Но будут и fuck up-ы, чего ж. Не следует думать, что вовлечённые стороны не в курсе этого риска.