+10. On Wed, Jan 7, 2009 at 7:47 PM, jr conlin <[email protected]> wrote:
> > I know that this list is about OAuth in general, but I'm seeing a fairly > consistent pattern with how people are using the client libraries. > > Netflix uses OAuth for all requests. This means that consumers are using > a vast majority of the libraries in order to use our services. Over the > past few months, we've been working with them in order to isolate > problems and I've been seeing a few issues like .Net's base URL encoder > defaults to lower case hex, Ruby's URL encoder defaults to encoding > spaces as '+', and others. > > While the library authors have done great jobs at working around these > issues, they haven't always made things easy for their users and have > expected them to duplicate their efforts to ensure that variables are > encoded for transfer the same way that they're encoded for the signature > generator. > > Users are often frustrated because they call the Library, get the OAuth > Signature Value, yet when they make the call it fails for reasons that > aren't always obvious. > > My proposal is that to get OAuth wider usage, the libraries should be > built to a common set of guidelines, things like: Hex Values should be > in upper case, escape routines should be publicly accessible, libraries > should return properly formatted OAuth Authorization Headers, etc. > Basically, help users avoid making common mistakes which will lead to > frustration around OAuth. > > Thoughts? > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
