Most Oauth implementations require the user to login with the originating site in the process.
An example is: http:/开发者_开发百科/code.google.com/apis/accounts/images/OAuthDiagram.png
What if I want to use my own account to access a generic feature, such as a search for people outside of my network, and don't want them to login? Is there any way to login with my own generic account?
I am creating a web service that interacts with many social networks by searching them, so by forcing the user to login several times to each network if I want to use their API is just bad user experience.
You could try to authenticate your account manually and then store the access token. Any subsequent request would be made with the stored access token.
There are several problems with this approach:
- if the token expires, you have to reauthenticate
- you might run into request quotas if you do all requests from one account (e.g. Twitter)
If possible, I would use something like HTTP basic auth to authenticate to the services.
When you are strictly speaking of OAuth, it is not meant for this scenario. Try looking into SSO (Single Sign-On). OAuth can also be implemented in conjunction with SSO solutions.
精彩评论