The callback_accepted parameter isn't part of the draft spec, is it? On Wed, May 6, 2009 at 9:40 AM, John Kemp <[email protected]> wrote: > > On May 6, 2009, at 11:49 AM, Brian Eaton wrote: > > [...] > >> However, existing clients have hardcoded callback URLs on their >> approval URLs. If the consumer code can detect that the service >> provider supports OAuth 1.0a, it can automatically correct that >> problem by stripping the callback URL off the approval URL. If the >> consumer code can't detect service provider version, then we're going >> to end up in situations where different callback URLs are sent on both >> the request token step and the approval step. > > Wouldn't the consumer detect that the SP supports the new flow by > seeing that there is the callback_accepted parameter on the initial SP > response? If not, it can repeat the request with the old flow. > > - johnk > > > >
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
