The problem reporting should be part of the core spec and most basic error code should be standardized.
Right now, nobody uses the extension. We were going to use it but it's different from the codes defined in Java library. We ended up following Java library. On Mar 2, 12:26 pm, Simone Tripodi <[email protected]> wrote: > Hi again, > it could be nice adding in the wiki page the HTTP error code - > according tohttp://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html > spec - that the SP should be send to the consumer for each problem. > > Are there already been defined? Otherwise, I propose following codes: > > BAD_REQUEST = 400 > UNAUTHORIZED = 401 > > # version_rejected: BAD_REQUEST > # parameter_absent: BAD_REQUEST > # parameter_rejected: BAD_REQUEST > # timestamp_refused: BAD_REQUEST > # nonce_used: BAD_REQUEST > # signature_method_rejected: BAD_REQUEST > # signature_invalid: BAD_REQUEST > # consumer_key_unknown: BAD_REQUEST > # consumer_key_rejected: BAD_REQUEST > # consumer_key_refused: BAD_REQUEST > # token_used: UNAUTHORIZED > # token_expired: UNAUTHORIZED > # token_revoked: UNAUTHORIZED > # token_rejected: UNAUTHORIZED > # additional_authorization_required: UNAUTHORIZED > # permission_unknown: UNAUTHORIZED > # permission_denied: UNAUTHORIZED > # user_refused: UNAUTHORIZED > > What do you think about it? IMHO it could be useful for developers of > both SP and Consumer to make easier the problems communication. > Best regards, > Simone > > 2009/3/2 Simone Tripodi <[email protected]>: > > > > > Hi all folks, > > I've a a maybe already asked question, so apologize in advance if I > > didn't find the reply I'm looking for in the archive, I 'googled' and > > raw codes before but unfortunately I didn't clarify my doubt. > > > I've been developing an OAuth SP for a customer and while writing the > > Problem Reporting I've been in trouble about the response format: > > reading the specification on > > >http://wiki.oauth.net/ProblemReporting > > > I understood that it should be, for example > > > oauth_problem=version_rejected&oauth_acceptable_versions=1.0 > > > There are some SP - I mean also Google - that replies in this different > > format: > > > version_rejected > > oauth_acceptable_versions=1.0 > > > What should be the right format? > > > In the case the first is the official, in the wiki page the > > 'oauth_parameters_absent' is described as > > > "The parameter named oauth_parameters_absent consists of a set of > > parameter names, percent-encoded and separated by '&'." > > > So, what's the right operations sequence? First the parameters > > concatenation using '&' and then percent-encoding? Otherwise a message > > that looks like > > > oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key&o > > auth_nonce > > > should be harder to understad!!! > > > Many thanks in advance, any kind of help is very well appreciated :) > > Best regards! > > Simone > > > -- > > My LinkedIn profile:http://www.linkedin.com/in/simonetripodi > > My GoogleCode profile:http://code.google.com/u/simone.tripodi/ > > My Picasa:http://picasaweb.google.com/simone.tripodi/ > > My Tube:http://www.youtube.com/user/stripodi > > My Del.icio.us:http://del.icio.us/simone.tripodi > > -- > My LinkedIn profile:http://www.linkedin.com/in/simonetripodi > My GoogleCode profile:http://code.google.com/u/simone.tripodi/ > My Picasa:http://picasaweb.google.com/simone.tripodi/ > My Tube:http://www.youtube.com/user/stripodi > My Del.icio.us:http://del.icio.us/simone.tripodi --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
