An alternative that's been gaining ground, particularly with iPhone and Android apps (which are more desktop than mobile), is to register a custom protocol handler w/ the operating system and use a custom oauth_callback url that looks something like x-my-great-app://main?oauth_token=<validated request token>.
The only requirement that this has for the SP is to support (relatively) arbitrary URIs as oauth_callbacks. seth On Thu, Jan 1, 2009 at 8:26 AM, kellan <[email protected]> wrote: > > In the desktop flow you generally have the consumer display a big pink > button reading, "Thanks, I've authorized you, lets continue" or some > such, that the user clicks when they've finished the authorization > step with the SP. At which point the Consumer makes its request to > the Access Token URL. Other tricks are possible, but they require a > fair amount of coordination between the Consumer and the SP. > > -kellan > > On Thu, Jan 1, 2009 at 10:12 AM, Nouman Ashraf <[email protected]> wrote: >> Hi All, >> I am going to implement OAuth protocol in my desktop application >> (consumer) with a web service(service provider) but i am confused that >> how service provider redirect user back to consumer with authenticated >> request token. i.e. how can i get that authenticated request token and >> come to know in a desktop application that the user get validated etc. >> etc... >> > >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
