search

vcshing / google-api-python-client

Automatically exported from code.google.com/p/google-api-python-client
Other
0 stars 0 forks source link

AccessTokenCredentials should use "OAuth" authentication scheme #134

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
at least I think it should - reading 
http://tools.ietf.org/html/draft-ietf-oauth-v2-10#page-30

   The "Authorization" request header field is used by clients to make
   authenticated token requests.  The client uses the "OAuth"
   authentication scheme to include the access token in the request.

I'm trying to use g-a-p-c to authenticate against a service that is handing me 
access tokens using AccessTokenCredentials and its not working (but it does if 
i change 'Bearer' to 'OAuth' in the 'Authorization' header).

Original issue reported on code.google.com by rtp@google.com on 4 May 2012 at 5:53

GoogleCodeExporter commented 9 years ago 
That is draft 10 of the OAuth 2.0 spec, the latest version is draft 26, and the 
correct scheme name is "Bearer":

  http://tools.ietf.org/html/draft-ietf-oauth-v2-26#section-7.1

  http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08

Original comment by jcgregorio@google.com on 4 May 2012 at 11:54

GoogleCodeExporter commented 9 years ago 
I had a strong feeling I didn't understand this at all. ;)

Thanks Joe!

Original comment by rtp@google.com on 4 May 2012 at 2:55