Inadequate notification of this issue has just wasted a full day of my time. I'm guessing you're not releasing details to protect the other OAuth service providers. Did you think that this is at the same time damaging consumers? At least give notification of fixes once you've 'fixed' them even if you decide not to release warning in advance. You have acted irresponsibly towards your developer community yet again, as the sentiments in the other comments make clear.
Tim On Jul 28, 3:35 pm, Chad Etzel <jazzyc...@gmail.com> wrote: > I would start by looking at the OAuth spec at Section 9 - Signing Process. > > http://oauth.net/core/1.0a#signing_process > > In fact, if you (meaning everyone) have never read the whole spec, you need > to. > > -Chad > > On Mon, Jul 27, 2009 at 11:31 PM, goodtest<goodtest...@gmail.com> wrote: > > > Yeah, I agree, can you please point out what (in general) we might be > > doing wrong? I still think you probably have a further-regression bug.
