Hello, I have some questions relative to the spec:
- It appears that the Authorization HTTP header can be used to provide the OAuth parameters even for the parts described in http://oauth.net/core/1.0a#anchor9 Authenticating with OAuth. Is this correct or is that method only used for http://oauth.net/core/1.0a#anchor12 Accessing Protected Resources? - http://oauth.net/core/1.0a#nonce Nonce and Timestamp mention that the timestamp must increase between requests, and I can only assume this is at least "per consumer" and not a requirement such that the timestamp would increase across every consumer. I wonder if that is enough though or if the timestamp is actually "per request/ access token" so that two concurrent procedures of http://oauth.net/core/1.0a#anchor9 Authenticating with OAuth by the same Consumer (for different Users for example) would be allowed? - I could not find in the spec any mention of concurrent use of the OAuth Service Provider. Are there any atomicity/concurrent constraints to be aware of and to handle specifically? Thanks for your help. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
