PHP Town Hall

Phil, Ben and a super-star guest answer questions and talk about current events in the PHP world.

Episode 9: Is OAuth 2 the Devil?

Alex Bilbie and Zackary Blank come on the show to talk about OAuth 2, which has been getting a lot of flamey bad press over the last year or two after the original author quit the project.

Why these guys? Well, Alex until recently was working at the University of Lincoln where they did a whole bunch of OAuth 2 work as auth for various API projects at the university. During this time he created the fully spec compliant CodeIgniter OAuth 2.0 Server, which was later replaced with a new generic PHP version for “The League of Extraordinary Packages”. It’s safe to say that Alex knows his shit when it comes to OAuth.

Zachary works for a different company on the same floor as Phil, and a client who shall remain nameless has been complaining about OAuth 2, for reasons that we both felt to be… well… silly. He’s been using Alex’s later library for several high-profile projects and is interested in the security angle.

Discuss this on Reddit.

Fork me on GitHub