[vlc-devel] [RFC PATCH] add vlc_keystore API
Rémi Denis-Courmont
remi at remlab.net
Mon Nov 23 17:05:44 CET 2015
Le 2015-11-23 18:52, Steve Lhomme a écrit :
>> +/**
>> + * @}
>> + * @defgroup keystore_implementation to be implemented by keystore
>> modules
>> + * @{
>> + */
>> +
>> +/* TODO: vlc_keystore_entry helpers to create/release/find */
>> +
>> +typedef struct vlc_keystore_sys vlc_keystore_sys;
>> +struct vlc_keystore
>> +{
>> + VLC_COMMON_MEMBERS
>> +
>> + /* Module properties */
>> + module_t *p_module;
>> + vlc_keystore_sys *p_sys;
>> +
>> + /* functions to implement */
>> +
>> + /**
>> + * Store a password associated with a given dictionary
>> + * TODO: more implementation details
>> + */
>> + int (*pf_store)(vlc_keystore *p_keystore,
>> + const vlc_dictionary_t *p_dict,
>> + const char *psz_passwd);
>
> Not sure password is the right term for an OAuth token. Maybe
> psz_secret ?
I doubt that OAuth tokens should be stored in the key store at all.
They tend to be short-lived afterall. I believe browsers store the
username and password and/or the cookie, with which to generate a new
OAuth token.
Also I don't suppose that any browser exposes OAuth tokens in a key
store accessible to other applications. Google explicitly recommends
sending the token via a WebSocket or, on Windows only (sensitive people
may not want to read the rest of the sentence) via the name of the
window (feel free to vomit now, you had been warned).
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list