Sorry for the formatting thing. For clear understanding I am copying that again Request Token: Used by the Consumer to ask the User to authorize access to the Protected Resources. The User-authorized Request Token is exchanged for an Access Token, MUST only be used once, and MUST NOT be used for any other purpose. It is RECOMMENDED that Request Tokens have a limited lifetime
.Access Token: Used by the Consumer to access the Protected Resources on behalf of the User. Access Tokens MAY limit access to certain Protected Resources, and MAY have a limited lifetime. Service Providers SHOULD allow Users to revoke Access Tokens. Only the Access Token SHALL be used to access the Protect Resources. On Tue, Sep 30, 2008 at 6:40 PM, Astha Bhatnagar < [EMAIL PROTECTED]> wrote: > Missed the link for OAuth Specification(source of the definitions) > http://oauth.net/core/1.0#anchor9 > > > On Tue, Sep 30, 2008 at 6:37 PM, Astha Bhatnagar < > [EMAIL PROTECTED]> wrote: > >> Hi, >> In OAuth authentication process two type of tokens are used: >> >> Request Token: Used by the Consumer to ask the User to authorize access >> to the Protected Resources. The User-authorized Request Token is exchanged >> for an Access Token, MUST only be used once, and MUST NOT be used for any >> other purpose. It is RECOMMENDED that Request Tokens have a limited >> lifetime. Access Token:Used by the Consumer to access the Protected >> Resources on behalf of the User. Access Tokens MAY limit access to certain >> Protected Resources, and MAY have a limited lifetime. Service Providers >> SHOULD allow Users to revoke Access Tokens. Only the Access Token SHALL be >> used to access the Protect Resources. >> >> >> It is clear by the Request token definition that it is used only once and >> it has a limited life time. So when you move back or forward same request >> token is submitted to get data or to get access token. That's why it gives >> error "Invalid auth token". >> >> Anybody here please correct me if I'm wrong :-) >> >> On Tue, Sep 30, 2008 at 5:48 PM, Youri op 't Roodt <[EMAIL PROTECTED]>wrote: >> >>> Hi, >>> >>> I¹m implementing a OS 0.7 container and I¹ve stumbled upon an issue where >>> the gadgets.window.adjustHeight() doesn¹t work when you come to a page >>> with >>> a gadget by clicking the forward/back button of your browser (so far in >>> FF30 >>> and SAF312). The iFrame urls contain a new rpctoken, but somehow the >>> authToken in the gadget has an Œold¹ value. When I reload the page (e.g. >>> Cmd-R), the tokens are in sync again and everything works fine. If, from >>> there, I go forward and then back (using the browser buttons) to the same >>> page, the authToken in the gadget still has the Œold¹ value. The >>> gadgets.rpc.process function then throws the ³Invalid auth token.² error >>> when trying to adjust the height. >>> I¹ve seen this happening on Hi5 as well, did anyone else experience this >>> or >>> maybe have a solution? >>> >>> Thanks in advance, >>> >>> Youri op Œt Roodt >>> Hyves >>> >>> >> >
