On 2011-01-05, at 7:01 PM, Francisco Corella wrote:
> --- On Wed, 1/5/11, Marius Scurtescu <mscurte...@google.com> wrote:
> > > This seems to be saying that the user's machine has a Web
> > > server running on it which is reachable from the Internet by
> > > sending an http request to the redirection URI. That's
> > > unrealistic because the user's machine won't typically have
> > > a permanent IP address reachable from the internet.
> >
> > For custom schemes you don't need a local web server.
> >
> > You can also use a local web server, no routable/permanent IP is
> > needed. The authorization server can redirect to localhost perfectly
> > fine.
>
> Ah, ok. I'm not familiar with custom schemes, but I do
> understand that you can redirect to localhost. Thanks for
> the explanation.
An example of a custom scheme would be what Pounce popularized on the iPhone.
A redirect to pounce:// would load the Pounce app and pass in the URL
-- Dick
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
