As I have mentioned in my previous post, I am working on creating an “universal” OAuth plugin for WordPress.
So far, I have been trying with Facebook, Twitter and Google. I have made the following observations:

FaceBook doesn’t login when the scope is not set, but allows this to be an empty string. However, Google complains about a missing parameter when this is not set. When this is set to an incorrect parameter, such as “email” (which is correct for Facebook btw), the login dialog appears, asking me to grant permissions to my application. However, the application does not receive an access token. I do receive an access token when I use ‘https://www.googleapis.com/auth/userinfo.email’ as my scope.

Facebook has something like a default scope when I don’t request anything. Therefore, a scope is not required there. It seems, I must request some scope for Google. So, it seems, I should store a default scope to my plugin as well.

The PHP OAuth implementation I am using to generate my WordPress plugin has some services pre-defined. So, I can just tell it to connect to Facebook, Twitter, Google, Tumblr, etc. etc. So, if some scope is required, I might add it as default in the OAuth implementation, or add it as a predefined interface element.

« »