I would say "absence of verifier", since without that, the 1.0a process won't complete. But that wouldn't be backward-compatible with 1.0, which didn't have the verifier. --Richard
On Fri, Dec 11, 2009 at 4:17 PM, Jimmy Z <[email protected]> wrote: > Section 6.2.3 of the 1.0a states the following: > > "If the User denies access, the Consumer MAY be notified that the > Request Token has been revoked." > http://oauth.net/core/1.0a#rfc.section.6.2.3 > > I cannot find any details in the spec as to HOW the Consumer should be > notified of denial. The parameters provided in Section 6.2.3 are: > > oauth_token: > The Request Token the User authorized or denied. > oauth_verifier: > The verification code. > > So, would the denial be communicated via one of these parameters? > > Any guidance on this is greatly appreciated! > > Thank you, > Jimmy Z > > -- > > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected] <oauth%[email protected]>. > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en. > > > -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
