OpenId as an ad-hoc federator

Martin Atkins mart at degeneration.co.uk
Mon Oct 10 11:58:20 PDT 2005


S. Sriram wrote:
> 
> -Caller redirects the user to send an HTTP GET request directly to the
> Rest API url as follows:
> 
> http//targetsite.com/restapi/get_my_data_out
>   ?openid=www.livejournal.com/users/myid
>   &returl=http://caller.com/put_my_data_in
> 

The main reason behind the complication of OpenRPC was to allow several
things to happen at the same time. Each time this is done the target
site must do the OpenID auth as well as providing a form for the user to
confirm the action. My OpenRPC proposal attempted to bundle a bunch of
related things together into one cycle so that this round-trip would
only happen once.

Putting the parameters and the response in the URL also limits the
volume of data that can be transferred, so although you could in theory
bundle a bunch of requests together by your scheme you would soon run
into situations where user-agents truncate the URL or simply fail to
make the request, or where intermediate proxies or destination servers
refuse to deal with the URL.

What use case do you imagine your scheme being applied to?

All the best,
-Martin



More information about the yadis mailing list