Brian Eaton wrote: > > Use case is consumers and service providers trying to transition to > OAuth 1.0a in parallel without creating down time or needing to "all > hold hands and jump together".
I still don't quite see the problem. If the issue that that the Consumer doesn't know if the SP supports 1.0 or 1.0a, then the Consumer should pass the callback URL both to the Request Token Step (in case the SP understands 1.0a) AND to the Authorization Step (in case the SP is still on 1.0). Presumably, an SP that understands 1.0a will ignore the callback from the Authorization step, while a 1.0 SP will ignore the callback sent on the Request Token step. Am I missing something? Allen --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
