Hi On Thu, Jul 8, 2010 at 10:54 AM, Łukasz Moreń <[email protected]>wrote:
> Hi, > > When user makes request to authorization endpoint i.e: > https://photos.example.net/authorize?oauth_token=hh5s93j4hdidpola > > I have to check whether oauth_token is valid. If so redirect to user's > sign in page, if not redirect to some error page. > I'm wondering should the server try to redirect the end user back to the consumer first, provided the consumer did register a callback ? The consumer will recognize that no verifier is available and will reply back to the end user : "can not access your resource because the server thought my request token was invalid" (just an example), so it will be the responsibility of the consumer as to what to say if the request token expired or something. Though if no callback is available then the server will have to reply to the end user indeed... > So far I use RequestDispatcherProvider, but I am stuck a bit, hot to > perform a conditional redirection (i.e. depends on object passed to > MessageBodyWriter). > I haven't found any easy way to do that. I can write custom > RequestDispatcherProvider based on existing one, but maybe there is > easier way? > > Perhaps a simpler option is to handle it by using Response.seeOther(relativeUri) in a service provider method which does the validation which will redirect the user to a dedicated method handling errors... cheers, Sergey Thanks for help. > > Cheers, > Lukasz >
