I have been following this for a while, and I thought I saw talk of a pseudo
release soon. I just wanted to express a few issues I have had.
First, after searching for several weeks for a better OAuth implementation, I
have to say this is a breath of fresh air, and I thank all of you for your hard
work. In my opinion, this is the best Java-based OAuth solution I have come
across yet.
Second, the lack of documentation is a little prohibitive. That said, between
the couple examples you do have and the actual specification, I was able to get
up and running pretty quickly.
Finally, I think there is an issue with the "token" request, e.g.
OAuthTokenRequest. It requires the "redirect_uri" parameter which is
technically optional:
redirect_uri
REQUIRED, if the "redirect_uri" parameter was included in the
authorization request as described in Section 4.1.1, and their
values MUST be identical.
Since the policy for my system is that it cannot be given for the "code"
request, it will never exist here.
I am hoping to convince my superiors that it is worth investing some of my time
in helping this project evolve, so, hopefully, I will be able to donate some of
my time in near future. But, no promises.
Thanks again,
John
