On Mon, 2009-07-27 at 20:55 -0700, Duane Roelands wrote: > "I would start by looking at the OAuth spec at Section 9 - Signing > Process. " > > RTFM is not a helpful answer, especially when many developers are > relying on libraries that they did not write. It's not unreasonable > to expect some advance notice on breaking changes to the API or > guidance on what specifically was changed. > > > > > On Jul 27, 11:45 pm, chinaski007 <chinaski...@gmail.com> wrote: > > This is frustrating for those of us relying on authentication > > libraries which now may no longer work. The apparent solution is to > > either recode the possibly problematic library oneself, or encourage > > users to swap to Basic Authentication. > > > > While I certainly understand Twitter's need to ensure that everything > > is secure on their end, this is another unannounced API change (like > > the verify_credentials limit last week) that leaves some of us in the > > lurch. > > > > On Jul 27, 8:35 pm, Chad Etzel <jazzyc...@gmail.com> wrote: > > > > > > > > > I would start by looking at the OAuth spec at Section 9 - Signing Process. > > > > >http://oauth.net/core/1.0a#signing_process > > > > > In fact, if you (meaning everyone) have never read the whole spec, you > > > need to. > > > > > -Chad > > > > > On Mon, Jul 27, 2009 at 11:31 PM, goodtest<goodtest...@gmail.com> wrote: > > > > > > Yeah, I agree, can you please point out what (in general) we might be > > > > doing wrong? I still think you probably have a further-regression bug. I'm with Duane here, some advanced notification of what's changed would be nice--my OAuth library code worked up until a few days ago, and now is suddenly failing with "incorrect signature" responses. It would be nice to know what exactly causes this without having to go read the specification head to toe to figure it out. A cryptic RTFM is not helpful.
-- Bojan Rajkovic <boj...@brandeis.edu> Biochemistry '10, Brandeis University PGP Signature Key ID: 0x8783D016 PGP Encryption Key ID: 0x2497B8B2
Description: This is a digitally signed message part