These also means the availabilty of the native app on a device depends on the availabilty of this backend service. I don't know whether the average store website has a reasonable availability.
Regards, Torsten. Gesendet mit BlackBerry® Webmail von Telekom Deutschland -----Original Message----- From: Francisco Corella <[email protected]> Date: Tue, 4 Jan 2011 17:18:33 To: Torsten Lodderstedt<[email protected]> Reply-To: [email protected] Cc: <[email protected]>; Karen P. Lewison<[email protected]> Subject: Re: [OAUTH-WG] unregistered applications --- On Tue, 1/4/11, Torsten Lodderstedt <[email protected]> wrote: > just to make sure I understood your paper correctly: even > native clients are required to have a backend server > component, which receives the authorization results and > makes it available to the native client? Yes, a very simple one that responds to an http post request by copying the body of the post to the body of the response. (That could be done, for example, by a simple application-independent Apache module. Apache would be configured to invoke the module for requests that target the redirection uri, and send the response with a media type that is handled by the native client application.) These days every little neighbourhood store as a Web site, so it is safe to assume that the provider of the native client application has one. Francisco
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
