Hello!
To answer your question ... the OAuth Temporary Credentials, which means the
Request Token and Secret, are usually randomly generated by the Server in
the same way like the Token Credentials (Access Token and Secret) and sent
to the client.
The Client needs the oauth_token_secret only once: for the request in which
the Request Token is exchanged for an Access Token.
For the requests between Client and Server, the signature is generated as
follows:
1) Request for Temporary Credentials - signed with Client Credentials only.
2) Request for Token Credentials - signed with Temporary Credentials (this
is what you need the oauth_token_secret for).
3) Request for Resources - signed with Token Credentials.
Hope I could help.
Regards,
Lukas Rosenstock
2010/7/28 KeefTM kee...@gmail.com
So I am currently writing a SP, and I have a few questions. First, I
am following the specs here: http://tools.ietf.org/html/rfc5849 Those
are the correct specs to follow, right? Second, it seems that for the
Temporary Credential Request, oauth_token and oauth_token_secret are
randomly generated. Is this the case? If so then what does the Client
do with the oauth_token_secret? Thanks!
--
You received this message because you are subscribed to the Google Groups
OAuth group.
To post to this group, send email to oa...@googlegroups.com.
To unsubscribe from this group, send email to
oauth+unsubscr...@googlegroups.com oauth%2bunsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/oauth?hl=en.
--
http://lukasrosenstock.net/
--
You received this message because you are subscribed to the Google Groups
OAuth group.
To post to this group, send email to oa...@googlegroups.com.
To unsubscribe from this group, send email to
oauth+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/oauth?hl=en.
