Support of OAuth2 protocol

[bronislav]

I'm going to add support of OAuth2 protocol to dispatch library. I'll be do it according to the OAuth2 specification (RFC 6749).

Any commentaries and suggestions are welcome.

[rickeyvisinski-kanban]

scala.util.parsing.json is deprecated starting in Scala 2.11, so I would say it is time to pick a Json module, eg json4s, to implement any new functionality.

[bronislav]

I'm don't want to make core module dependent on the json4s module. But what options we have:

• Use json4s and make core depend on the json4s module
• Extract OAuth in the separate library. For example dispatch-oauth2 and then it will be possible to use json4s not making excess dependencies.

Am I right? Any other options?

[rickeyvisinski-kanban]

That is how I see it.

The last option is to push for the json4s/lift json inclusion in core, which has been talked about but is doubtful to ever happen.

[softprops]

Going to chime in here. Dispatch is an library for making HTTP requests. What it means to be core is to do just that. Json is not part of HTTP, it's a serialization format. There is a json4s module because a) you don't need a JSON parser to make all HTTP requests and b) it would couple dispatch core with a specific implementation of JSON parsing. There are many completing ones out there!

I would point oauth2 parameter handling in a separate module because a) you don't need oauth2 support to make any HTTP requests and b) you don't want to add a specific JSON implementation to the cores dependency chain as a result of adding oauth2 support

The reason why you'll file an oauth1 signer in core is because the underlying library already supports it. no extra dependencies were needed

[softprops]

Should have looked at what actually changed first. Looks like you did just that. I think its okay for a submodule to have it's own dependency. I'd be against coupling core with something that really isn't core to making http requests.