Hi,
Iam passing accessToken as null now.Even then i get the same exception
that token has been expired inside SampleOAuthProvider.getAccessor()
Inside this method,it is checking for tokens and since they are coming
as null accessor object is set to null as a result of which we are
getting
I'm sorry but I can't help thinking that it is wrong putting the
scalability burden on your users and not handling it internally. I may
be wrong but I think there is little to none support for the Session
Extension protocol in any of the libraries.
Couldn't a similar system be created without
Hi Robert,
As I'm sure you've figured out from the extension spec, it allows a
Consumer to upgrade scopes in a dynamic way based on user consent.
This is the model we use at AOL where users can be presented with a
consent dialog if they have not yet consented to allow the Consumer to
access
I've started a page on the OAuth WIki specifically with best practices
for scaling OAuth providers.
The differences between large and small providers are large so I've
approached it from both angles. Please add to it.
http://wiki.oauth.net/Scaling-OAuth-providers
--
http://agree2.com - Reach
Sorry I believe you are correct that the EchoServlet is currently written to
only support 3-Legged OAuth. I think by changing the EchoServlet in the
following ways it should support 2-Legged.
1) Instead of
OAuthAccessor accessor = SampleOAuthProvider.getAccessor(requestMessage);
Use
final
Hi Robert,
The text in the Yahoo documentation is not factually correct - however
it doesn't really matter for client developers who are calling our OAuth
protected services.
We currently do not allow developers to change the scopes for their
consumer keys after we've issued them. The slang
Hi Pelle,
When we built our OAuth implementation, we considered many possible
solutions, including solutions very similar to the ones that you
described. We even built a few prototypes.
However, only after thoroughly investigating all other alternatives, we
found that we could not implement
A feature I'd also like to have as a consumer is the reverse operation
- starting with a broad scope for initial setup, then narrowing scope
before storing my secret anywhere other than local memory.
On Friday, October 16, 2009, Allen Tom a...@yahoo-inc.com wrote:
Hi Robert,
The text in the
