Seth Fitzsimmons wrote: >>> I've got an app here that we'd like to have authenticated RSS feeds on >>> it-- non-public data that nonetheless can stream pretty nicely in an RSS >>> format. It seems that OAuth-for-desktop-apps is a great fit for this, >>> with the only problem being that the RSS readers would have to support >>> this at the client level. Has anyone tried to build this into a reader? >>> A quick search turned up nothing, but am I missing anything obvious? >>> >>> The biggest problem I can see is that since OAuth requests are nonce'd >>> and signed unqiuely, which gets away from the spirit of RSS's >>> one-URL-per-feed (if you're using GET parameters, especially). I've seen >>> authenticated RSS by way of per-stream tokens, and I've seen a few RSS >>> readers that implement HTTP-BASIC auth. This feels like it's a good fit >>> with bad timing. >>> >> Yeah, no one has implemented yet because of that dang chicken. Or was it the >> egg? >> > > I thought Blogger announced support for OAuth-protected feeds at one > point? Not that I've seen client support... > Yes, Blogger feeds support Google AuthSub, Google Client Auth, and OAuth. Clients are most welcomed.
I highly encourage the use of the Authorization: header rather than sticking auth data into URL params. John --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
