Same question for bad timestamps. The spec (paragraph 10) says timestamps must be >= previous timestamps but there's no HTTP 400/401 string for this.
On Aug 22, 7:59 pm, Doug Kaye <[email protected]> wrote: > Spec 6.3.2 (service provider processing of access token request) says > to return an HTTP error if the oauth_verifier is bad. But Spec > paragraph 10 indicates neither whether a 400 or 401 should be returned > nor an appropriate text string. What is expected? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
