The OAuth spec is silent on how to handle section 5.2 when an HTTP PUT |POST might be used to send in OAuth parameters AND resource content. For example, an OpenSocial endpoint uses OAuth for authentication and may post an XML encoded version of a Person. In this case, does a compatible OAuth endpoint have to accept OAuth parameters in the POST body or can it choose to only look for parameters in the HTTP Authorization header and on the query string?
Scott Seely architect email sse...@myspace.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
