Comment 11 for bug 517122

I've started working on this, but it's not going as well as I had hoped. Reddit doesn't provide an API-friendly authentication mechanism.

We will have to send a POST request to /api/login and then pull out the session cookie, which lasts for two days[1]. We'd have to cache that value and update it every time it stops working. This adds a lot of complexity and a little bit of extra communication overhead.

I'm not sure if I'm totally comfortable making Reddit available in Gwibber out of the box as long as it works like this. What I'm planning to do now is get support for Reddit landed in trunk so that the daily build users can test it and see how well it works in practice. If it creates problems, then it just won't be included in official releases and users who really want it can run the nightly builds or something.

If some of you Reddit hackers want to add support for HTTP Basic auth or a desktop-friendly[2] OAuth 2.0 implementation to Reddit itself, that would be hugely beneficial.

[1] http://www.reddit.com/r/redditdev/comments/anq3l/authenticating_to_reddit_api/c0iikar
[2] By desktop-friendly OAuth, I mean that it MUST NOT require a consumer secret key. For an example of how that might work, look at the desktop auth flow for Facebook's new Graph API