Open GoogleCodeExporter opened 9 years ago
GoogleCodeExporter
commented
9 years ago I'm not sure how much of the current code base could actually be re-used for a
2.0
implementation. But then again, I haven't taken a closer look at it yet. I'd be
curious about any experiences with OAuth 2.0 and Signpost though, did you get
anywhere with this so far?Original comment by m.kaepp...@gmail.com on 9 May 2010 at 12:58
GoogleCodeExporter
commented
9 years ago So I haven't worked through the tentative OAuth 2.0 specs in detail, but
implementing what Facebook is calling
OAuth 2.0 seemed pretty simple. As outlined at:
http://developers.facebook.com/docs/api#authorization
a simple web-callback authorization can get working with an initial redirect,
and then handling the redirect back
from facebook and a single additional direct request to get the authorization
token. I implemented that just
using a URL.openStream. I didn't really need to use signpost to make it happen
at all.Original comment by bdfer...@gmail.com on 13 May 2010 at 8:02
GoogleCodeExporter
commented
9 years ago seems like oauth 2.0 eliminates the process of token exchange and signing
requests.
bdferris I was able to do the same however I am curious to know if you have
handled
multiple users basically mapping the initial request to the callback for
multiple usersOriginal comment by ssam0...@gmail.com on 24 May 2010 at 4:24
GoogleCodeExporter
commented
9 years ago @ssam0276
I'm already using my Java Servlet container's session functionality to track
repeated access by the same user
across a session. When I make the call to
"https://graph.facebook.com/oauth/access_token" to retrieve the
access token, I immediately make a follow-up call to
https://graph.facebook.com/me to get details about the
authenticated Facebook user.Original comment by bdfer...@gmail.com on 24 May 2010 at 4:31
Original issue reported on code.google.com by
bdfer...@gmail.comon 7 May 2010 at 5:56