The ability of a build service to pull the developers code from a third party source repository, after logging on with the rights of the developer during the pull action, clearly shows something that is “non API” about oauth handoffs.
Playing with the adobe phonegap build service, free variant, we see what happens when, after creating a local adobeid we “link it” to our github identity (allowing the build service to pull a repository):
This all felt very natural and NON controlling. Of course, being a US service there *will* be covert, hidden or otherwise untoward indirect control and monitoring. So let’s slowly see how to remove any US vendors from the setup so we are free (of that monitoring). Of course, this may well mean we get German monitoring instead – which is just as convert, hidden and even more untoward that the US version (which is the best of a bad lot).
An even nicer feature is the ability to then use the github as the IDP when logging in to the build service.