On Apr 29, 2009, at 4:46 PM, Brian Eaton wrote: > >> ii) Is the intent of the oauth_verifier to prevent the possibility of >> a similar redirect break between acquiring the authorized request >> token and getting the access token? > > You lost me on this one, can you rephrase?
The oauth_verifier is to be linked by the SP to the request token and the consumer key. So this ensures that the consumer is the same consumer which applied for the request token on behalf of the user- agent which is being led around all over the place in search of some user data - correct? Thanks, - johnk --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
