Tangentially Magento related: Magento uses the
lusitanian/oauth composer package to handle some oAuth related tasks. In addition to the usual “create the cryptic
Authorization: headers” code you’d expect to find in an oAuth library, there’s also these two folders of code
Each service class listed here attempts to capture each individual oAuth API’s unique take on how to authenticate, authorize, and call an API endpoint for a particular third party service.
Whenever someone like me quips that “oAuth is a tire fire”, what we’re really saying is “I wish oAuth was a protocol with a standard implementation for authentication, authorization, and method calling across corporate providers”. The effort David’s made to write and/or collect these vendor specific implementations into a single place is admirable – but it points to the ultimate fragility of standards like oAuth.