Hi
I have a question in the example for section 1.2 in the OAuth 1.0 RFC 5849.
The example in the API calling to access the protected resource.
Where it reads:
With a set of token credentials, the client is now ready to request
the private photo:
GET /photos?file=vacation.jpg&size=original HTTP/1.1
Host: photos.example.net
Authorization: OAuth realm="Photos",
oauth_consumer_key="dpf43f3p2l4k3l03",
oauth_token="nnch734d00sl2jdk",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="137131202",
oauth_nonce="chapoH",
oauth_signature="MdpQcU8iPSUjWoN%2FUDMsK2sui9I%3D"
I don't know how does the client know the parameter value "vacation.jpg" in
the API "http://photos.example.net/photos";. The question is, how does the
client can get the name(s) of protected resource? The use Jane gave it or
the server gave?
Best regards,
J. Lu
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
