But it completely subverts the point of OAuth, because it lets a third party
have your password. Why even use OAuth in that case?
On Mon, Oct 12, 2009 at 19:01, Zhami <stu...@zhameesha.com> wrote:
> On Oct 12, 5:44 pm, Sebastian <sdelm...@gmail.com> wrote:
> > The solution for OAuth on Mobile and Desktop is easy:
> > Let me rewrite this in plain english: let the app ask for login/
> > password and pass it to twitter.
> > All we need is a simple API call where we can trade a login and
> > password for an oauth access token, bypassing the browser.
> I think this is a grand idea, and wanted to acknowledge it.
> This solution removes the password from being bandied about endlessly
> with Basic Auth, but is appropriate for the world of desktop apps
> where users are comfortable providing their password because
> applications often ask for access restricted information.
Internets. Serious business.