I confirm. Information about the user depend on the producer. It is usually a simple REST call. In theory there is not even guarantee that any user data is available to the consumer. OAuth is about giving authorization to fetch authenticated user data by a third party, i.e. the OAuth consumer. The only specified result from a successful authentication is an expiring session token that must not contain any direct reference to user info.
mic > The authentication is interoperable (is this user allowed to login?) but not > the request for credentials (who is this user?). > > > > > > On Wednesday, 18 July 2012 13:24:12 UTC-5, rdodev wrote: >> >> OAuth2 authorization for web2py would be huge. +1 >> >> On Thursday, July 5, 2012 10:42:20 AM UTC-4, Alec Taylor wrote: >>> >>> A rather good 64-line OAuth 2 client implementation for Python has been >>> open-sourced. >>> >>> Source-code (announcement) >>> >>> This has been tested—and includes example code—with: >>> >>> Facebook >>> Google >>> Foursquare >>> >>> https://github.com/demianbrecht/sanction/blob/master/example/server.py >>> >>> Please share your thoughts below, specify if you would like how to use it >>> with web2py, e.g.: for the online web2py book. [Disclaimer: haven't spoken >>> with Massimo yet] >>> >>> Thanks, >>> >>> Alec Taylor > > -- > > > --
