Hey, while OAuth 2.0 seems very nice and very well thought through overall, I couldn't help but notice two small mistakes in the draft:
a) In section 5.3, it says ... with a matchin "hmac-sha256" secret by using the "token_type" parameter when requesting an access token. and it should say "secret_type" instead of "token_type". b) In the example in section 4, it says POST /authorize HTTP/1.1 however, according to the text above (and per common sense) it should say "POST /token HTTP/1.1" (as it's the token endpoint, not the authorization endpoint that is being addressed). Thanks and keep up the great work. -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
