jm + oauth   6

Gravitational Teleport
Teleport enables teams to easily adopt the best SSH practices like:

Integrated SSH credentials with your organization Google Apps identities or other OAuth identity providers.
No need to distribute keys: Teleport uses certificate-based access with automatic expiration time.
Enforcement of 2nd factor authentication.
Cluster introspection: every Teleport node becomes a part of a cluster and is visible on the Web UI.
Record and replay SSH sessions for knowledge sharing and auditing purposes.
Collaboratively troubleshoot issues through session sharing.
Connect to clusters located behind firewalls without direct Internet access via SSH bastions.
ssh  teleport  ops  bastions  security  auditing  oauth  2fa 
february 2017 by jm
Twitter OAuth-evasion backdoor
rather than force users of their official Android client to upgrade come the OAuthpocalypse, like everyone else has had to, they added a custom basic-auth backdoor: append "?source=twitterandroid" to the URLs. hilarity. apparently this also works for all other clients, too
twitter  oauth  funny  dailywtf  android  security  from delicious
september 2010 by jm
Twitter's misuse of OAuth
Twitter seem to be attempting to control misbehaving clients, by using the "consumer key" pair as a secret key for app developers. This is proving impossible for FOSS clients to work with, and is trivially hacked to allow third-party app impersonation. Bad idea, Twitter
twitter  fail  oauth  standards  open-source  gwibber  security  from delicious
september 2010 by jm
free Twitter proxy for access to the Twitter API without requiring OAuth, perfect for stupid read-only stuff like my filter-tweets script (via Padraig)
via:pixelbeat  api  oauth  proxy  twitter  web  http  curl  supertweet  from delicious
september 2010 by jm
SoundCloud Developers Manifesto
'We recognize that only through your apps and hacks, can SoundCloud fully realize its potential as the audio platform.'
apps  hacks  soundcloud  mp3  music  hosting  files  json  rest  oauth  apis  http  from delicious
may 2010 by jm
Gmail APIs and Tools: IMAP and SMTP using OAuth
'The Gmail IMAP and SMTP servers have been extended to support authorization via the industry-standard OAuth protocol.' pretty cool, support third parties sending outbound as you, or filtering your inbound gmail
gmail  mail  oauth  smtp  imap  api  from delicious
march 2010 by jm

Copy this bookmark: