Elevator Pitch
Authentication is HARD. Getting it right is painful. Getting it wrong can end your business, or start your new career as a security expert. So let someone else do the heavy lifting. OAuth (strictly an authorization framework, but the usual vehicle for delegating login to an identity provider), while it sounds scary, is one way to get out of the authentication business.
Description
Recently, I had the pleasure (and pain) of implementing an OAuth CLIENT for an internal project. I will share that experience with you (TDD all the way, baby). We had some non-trivial design decisions to make: how to share tokens across processes and threads, and where to store the long-term refresh token. We travelled down some garden paths and ended up in a design cul-de-sac, then we tested our way out and into a really nice, stable little library that is not nearly as opaque as the standard libraries.
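As an added illustration of those two design decisions (this is example code written for this page, not the speaker's library, whose code the abstract does not show): a small Python token manager that caches the short-lived access token, coalesces concurrent refreshes so a stampede of threads triggers exactly one call to the token endpoint, and keeps the long-lived refresh token behind a separate store interface so it can live somewhere better protected than process memory. The injected refresh function, its `(access_token, lifetime_seconds, new_refresh_token)` return shape, the in-memory store and the fake token endpoint in `demo()` are all assumptions constructed for the example. Cross-process sharing is out of scope here; it needs a file lock or a shared secret store rather than an in-process lock.

```python
"""Thread-safe OAuth 2.0 access-token cache with single-flight refresh.

Example code added to illustrate the design decisions in the abstract; it is
not the speaker's library. The token-endpoint call is injected so the logic
can be unit-tested without a network.
"""
import threading
import time
from dataclasses import dataclass
from typing import Callable, Optional, Protocol


@dataclass
class AccessToken:
    value: str
    expires_at: float  # absolute time in epoch seconds


class RefreshTokenStore(Protocol):
    """Home of the long-lived refresh token. Kept separate from the access
    token cache so it can be backed by something more protected."""
    def load(self) -> str: ...
    def save(self, refresh_token: str) -> None: ...


class InMemoryRefreshTokenStore:
    """Constructed for the example. A real client would back this with the
    OS keyring or a secrets manager, not process memory."""
    def __init__(self, refresh_token: str) -> None:
        self._token = refresh_token

    def load(self) -> str:
        return self._token

    def save(self, refresh_token: str) -> None:
        self._token = refresh_token


# Assumed shape of the injected refresh call: current refresh token in,
# (access_token, lifetime_seconds, rotated_refresh_token_or_None) out.
RefreshFn = Callable[[str], tuple[str, int, Optional[str]]]


class TokenManager:
    def __init__(self, refresh: RefreshFn, store: RefreshTokenStore,
                 skew: float = 30.0,
                 clock: Callable[[], float] = time.time) -> None:
        self._refresh = refresh
        self._store = store
        self._skew = skew            # refresh this many seconds before expiry
        self._clock = clock          # injectable for deterministic tests
        self._lock = threading.Lock()
        self._current: Optional[AccessToken] = None
        self.refresh_count = 0       # observable for tests

    def _fresh(self, tok: Optional[AccessToken]) -> bool:
        return tok is not None and tok.expires_at - self._skew > self._clock()

    def get(self) -> str:
        tok = self._current          # fast path: no lock when token is fresh
        if self._fresh(tok):
            return tok.value
        with self._lock:
            # Re-check under the lock: another thread may have refreshed while
            # we waited, so only one refresh happens per expiry (single-flight).
            if self._fresh(self._current):
                return self._current.value
            value, lifetime, rotated = self._refresh(self._store.load())
            if rotated:              # server rotated the refresh token
                self._store.save(rotated)
            self._current = AccessToken(value, self._clock() + lifetime)
            self.refresh_count += 1
            return value


def demo(num_threads: int = 20) -> tuple[int, set[str]]:
    """Hit a cold cache from many threads at once. Returns how many times the
    fake token endpoint was called and the set of tokens handed out; the
    single-flight lock should give exactly one call and one token."""
    calls = {"n": 0}
    calls_lock = threading.Lock()

    def fake_refresh(refresh_token: str) -> tuple[str, int, Optional[str]]:
        # Constructed stand-in for the token endpoint; deliberately slow so
        # the other threads really do pile up behind the lock.
        with calls_lock:
            calls["n"] += 1
            n = calls["n"]
        time.sleep(0.05)
        return f"access-{n}", 3600, f"refresh-{n}"

    mgr = TokenManager(fake_refresh, InMemoryRefreshTokenStore("refresh-0"))
    seen: set[str] = set()
    seen_lock = threading.Lock()

    def worker() -> None:
        value = mgr.get()
        with seen_lock:
            seen.add(value)

    threads = [threading.Thread(target=worker) for _ in range(num_threads)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return calls["n"], seen


if __name__ == "__main__":
    print(demo())   # expect (1, {'access-1'})
```

The double-checked locking in `get()` is the whole point: without the re-check under the lock, every thread that observed the expired token would refresh in turn, burning refresh tokens (fatal when the server rotates them on each use) and hammering the token endpoint. The `skew` keeps requests from racing the expiry on the wire, and injecting `clock` makes that boundary testable.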
So, while I don’t recommend reimplementing security code, it was a healthy exercise and will give you a better appreciation for why you should use someone else’s library.
The references to Dr. Strangelove go deeper than the title, since one of the core plot devices is that a user of the system was able to gain privileged access to a resource without permission. Heh.