Open GoogleCodeExporter opened 8 years ago
I'm not sure how much of the current code base could actually be re-used for a
2.0
implementation. But then again, I haven't taken a closer look at it yet. I'd be
curious about any experiences with OAuth 2.0 and Signpost though, did you get
anywhere with this so far?
Original comment by m.kaepp...@gmail.com
on 9 May 2010 at 12:58
So I haven't worked through the tentative OAuth 2.0 specs in detail, but
implementing what Facebook is calling
OAuth 2.0 seemed pretty simple. As outlined at:
http://developers.facebook.com/docs/api#authorization
a simple web-callback authorization can get working with an initial redirect,
and then handling the redirect back
from facebook and a single additional direct request to get the authorization
token. I implemented that just
using a URL.openStream. I didn't really need to use signpost to make it happen
at all.
Original comment by bdfer...@gmail.com
on 13 May 2010 at 8:02
seems like oauth 2.0 eliminates the process of token exchange and signing
requests.
bdferris I was able to do the same however I am curious to know if you have
handled
multiple users basically mapping the initial request to the callback for
multiple users
Original comment by ssam0...@gmail.com
on 24 May 2010 at 4:24
@ssam0276
I'm already using my Java Servlet container's session functionality to track
repeated access by the same user
across a session. When I make the call to
"https://graph.facebook.com/oauth/access_token" to retrieve the
access token, I immediately make a follow-up call to
https://graph.facebook.com/me to get details about the
authenticated Facebook user.
Original comment by bdfer...@gmail.com
on 24 May 2010 at 4:31
Original issue reported on code.google.com by
bdfer...@gmail.com
on 7 May 2010 at 5:56