+1 for a RI John, could you expand on what you mean by 'programming interface' vs. 'protocol interface' problems?
At ma.gnolia, we spent a pretty decent amount of time helping people debug rejected signatures that were usually resulting from differences in both how the implementor of the client library composed the Signature Base String and differences in how the various URL libraries from different platforms handle encoding. I would call these 'protocol' issues not software design issues. However, while trying to debug problems with conflicting signatures, it was often necessary to ask the client user to try to find the SBS for a given set of inputs which was not always easy. So, software design guidelines suggesting a debug mode that would log the SBS data somewhere might be a good idea too. -Jesse On Jan 8, 2009, at 11:08 AM, John Kristian wrote: > > +1 > > There are some unit test cases at http://wiki.oauth.net/TestCases > > It seems like some (most?) of the problems are with the programming > interface, not the protocol interface. That suggests we need > guidelines for software design, more than a reference implementation. > Of course, a reference implementation would be helpful too. > > On Jan 8, 8:43 am, "Hans Granqvist" <[email protected]> wrote: >> Once there is an agreed-upon reference implementation (RI) >> (http://en.wikipedia.org/wiki/Reference_implementation), >> developers have a solid point to test their implementations >> against and everyone should be happy ;) >> >> Note a RI doesn't need to be production-level code, just code >> that 100% correctly implements the spec. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
