On Sat, Oct 12, 2013 at 01:53:49PM -0400, Kyle L. Huff wrote:
> I did however notice while I was poking around that the option
> '--bearer' might be slightly ambiguous in name. It doesn't create any
> conflict that I am aware of at the moment, however, OAUTH v2 is not
> the only authentication mechanism which uses "bearer" tokens. I wonder
> if this might need to be changed to something more implementation
> specific... I don't know enough about the OAUTH v1.0 implementation to
> say if something like "--oauth-bearer" would be a better choice, and
> of course that presumes that there is a possibility that at some point
> OAUTH v1.0 will be implemented in cURL -- which as I understand it,
> OAUTH v1.0 is, and will remain valid, and is in use by some major
> players.

If this were an option like --pass that could apply to several authentication
types, then keeping it generic would make sense. But, IIRC, --bearer actually
enables OAuth2 as well as providing a secret, so it seems better to me to be
more specific in what the option is actually enabling. In that case, making the
option more specific to OAuth2 sounds like a good idea.

>>> Dan
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-10-12