I’m developing some third-party application for Sina Weibo, but have something made me really confused: No signing required for their “OAuth2”?
According to its API documents (like this, and sorry there is only Chinese version), the
only thing I should do is to POST to their HTTPS server directly with my query parameters together with two additional param: my appkey, and plain text access_token. And that’s all, no signing process, no other thing to do.
Another strange point is, for the mobile authenticate process, user have to provide username/password to the app, then go for “OAuth2”.
So firstly when I try to use python-oauth2 library to handle it, I don’t know how to do it at all, since this “OAuth2” is too different from all the example codes I could found on the Internet.
I’d like to ask, is this REALLY a standard OAuth2? If it is, how can I implement it in python with some existing normal OAuth library?
Sina Weibo provides three auth methods, which are OAuth 1.0, OAuth 2.0 and xAuth.
If you are sure that you are working on OAuth 2.0 then yes Sina uses the
standard OAuth 2.0, and you will not want to use python-oauth2 because
it’s really an OAuth 1.0 library.
Instead you should use Sina’s official binding which could be downloaded
from http://code.google.com/p/sinaweibopy/
And the document page of Sina’s OAuth 2.0 is http://open.weibo.com/wiki/%E6%8E%88%E6%9D%83%E6%9C%BA%E5%88%B6%E8%AF%B4%E6%98%8E
It seems now OAuth 2.0 is the standard and only way for Weibo authorization.