In OAuth 1.0a the callback is moved to the requestToken endpoint, not the authorization endpoint.
This is to prevent key fixation attacks. On Fri, May 7, 2010 at 11:39 AM, Randy Hudson <randy.hud...@gmail.com>wrote: > What happens if OAuth 1.0b comes out and iGoogle adopts it? How does > a Gadget indicate that it's oauth service conforms to OAuth 1.0, 1.0a, > or whatever? > > It seems very unlikely that every gadget (and the oauth services it > uses) and every gadget container would adopt OAuth X.Xx simultaneously. > > -- > You received this message because you are subscribed to the Google Groups > "OpenSocial Application Development" group. > To post to this group, send email to opensocial-...@googlegroups.com. > To unsubscribe from this group, send email to > opensocial-api+unsubscr...@googlegroups.com<opensocial-api%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/opensocial-api?hl=en. > > -- You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-...@googlegroups.com. To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en.