Re: [oauth] oauth_callback parameter not sent to getsatisfaction
hi, However GetSatisfaction requires that oauth_callback=http://mysite.com/myresource be sent along with the authorization url As you mentioned the callback url must be send when you obtain the Temporary Credentials. You can set the callback to oob but then you have to provide the url in anotherway to GetSatisfaction. Unfortunately since my callback url is different at different entry points Then you probably must use the oauth_callback param. I dont know the API of GetSatisfaction but if its not according to the specification you should probably contact them. best regards -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
Re: [oauth] oauth_callback parameter not sent to getsatisfaction
Hi! Just to clarify: The protocol knows two ways for sending the OAuth callback, one is along with the request token; and the other is by attaching it to the URL. The former (1.0a) is recommended and was introduced after security issues had been known about the latter (1.0). Regards, Lukas 2010/4/26 k42b3 k42b...@googlemail.com hi, However GetSatisfaction requires that oauth_callback=http://mysite.com/myresource be sent along with the authorization url As you mentioned the callback url must be send when you obtain the Temporary Credentials. You can set the callback to oob but then you have to provide the url in anotherway to GetSatisfaction. Unfortunately since my callback url is different at different entry points Then you probably must use the oauth_callback param. I dont know the API of GetSatisfaction but if its not according to the specification you should probably contact them. best regards -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com oauth%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en. -- http://lukasrosenstock.net/ -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
Re: [oauth] oauth_callback parameter not sent to getsatisfaction
Ok, now I realize that there are two ways of sending OAuth callback. Thanks for the help! On Mon, Apr 26, 2010 at 5:08 AM, Lukas Rosenstock l...@lukasrosenstock.netwrote: Hi! Just to clarify: The protocol knows two ways for sending the OAuth callback, one is along with the request token; and the other is by attaching it to the URL. The former (1.0a) is recommended and was introduced after security issues had been known about the latter (1.0). Regards, Lukas 2010/4/26 k42b3 k42b...@googlemail.com hi, However GetSatisfaction requires that oauth_callback=http://mysite.com/myresource be sent along with the authorization url As you mentioned the callback url must be send when you obtain the Temporary Credentials. You can set the callback to oob but then you have to provide the url in anotherway to GetSatisfaction. Unfortunately since my callback url is different at different entry points Then you probably must use the oauth_callback param. I dont know the API of GetSatisfaction but if its not according to the specification you should probably contact them. best regards -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com oauth%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/oauth?hl=en. -- http://lukasrosenstock.net/ -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com oauth%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en. -- Regards, Vasu Srinivasan -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
[oauth] Found two small mistakes in draft-hammer-oauth2-00.txt document
Hey, while OAuth 2.0 seems very nice and very well thought through overall, I couldn't help but notice two small mistakes in the draft: a) In section 5.3, it says ... with a matchin hmac-sha256 secret by using the token_type parameter when requesting an access token. and it should say secret_type instead of token_type. b) In the example in section 4, it says POST /authorize HTTP/1.1 however, according to the text above (and per common sense) it should say POST /token HTTP/1.1 (as it's the token endpoint, not the authorization endpoint that is being addressed). Thanks and keep up the great work. -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
Re: [oauth] Found two small mistakes in draft-hammer-oauth2-00.txt document
On 4/26/10 9:16 AM, KiNgMaR wrote: while OAuth 2.0 seems very nice and very well thought through overall, I couldn't help but notice two small mistakes in the draft: Please send feedback about the Internet-Draft to the IETF list: https://www.ietf.org/mailman/listinfo/oauth /psa smime.p7s Description: S/MIME Cryptographic Signature