Cool, thanks for the info. It's kind of a pity; it was a good vision and a neat idea.
On Mar 8, 8:39 pm, Eran Hammer-Lahav <[email protected]> wrote: > This statement was more 'vision' than 'practice'. I'll adjust it to correct > this misconception. The idea is that OAuth *could* be used in such a way, but > as far as I know, no one is applying it like that. > > EHL > > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] On Behalf > > Of CA Meijer > > Sent: Sunday, March 08, 2009 11:01 AM > > To: OAuth > > Subject: [oauth] Re: Twitter OAuth Direct Access > > > Thanks for the reply. I think that I understand your point but it > > seems somewhat at odds with the following sentence in the basic guide: > > "When OAuth is used as a direct replacement of HTTP 'Basic', the > > Consumer Key and Consumer Secret should hold the username and > > password, and the Token and Token Secret should remain empty." > > > If I want to update my status at Twitter, using my username and > > password in the "consumer parameter" seems (1) consistent with the > > quote above and (2) an inherently sensible choice. > > > Is it impossible to use "OAuth as a direct replacement of HTTP > > 'Basic'" at twitter? Or am I missing something completely trivial? > > > On Mar 8, 6:20 pm, Eran Hammer-Lahav <[email protected]> wrote: > > > It doesn't refer to the idea that you can put your basic-auth > > credentials and just stick them into random parameters. The idea of > > direct access is when the application want to call the service without > > a user-context. That is, to perform some administrative work related to > > the service but not on behalf of a user. In the case of Twitter, the > > only thing you can put in the consumer parameter is something Twitter > > gives you when you register a new application. > > > > EHL --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
