shindig-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henry Saputra <henry.sapu...@gmail.com>
Subject Re: Different verbs on OAuth Access/Request...
Date Fri, 26 Aug 2011 23:13:22 GMT
Its not limitation from OAuth spec itself. Looks like its "limitation"
that Shindig currently has because access and request use the same
AccessorInfo.

So the gadget OAuthService checks for the method types before continuing.


- Henry

On Fri, Aug 26, 2011 at 3:16 PM, Mark Weitzel
<mark.weitzel@jivesoftware.com> wrote:
>
>
> Greetings...
> One of my developers stumbled across an interesting question that I'm not sure how to
answer so I figured I'd post it here. He's trying to hit an OAuth service that uses a POST
for the access token and a GET for the request token. I was not aware of any limitation in
shindig to prevent this, but we're seeing a funky error. Anyone got some suggestions for me?
>
> Thanks,
> Mark W.
>
> When I add this to my app.xml I get the error below in the app window:
> <OAuth>
>    <Service name="concur">
>     <Access  url="https://www.mysolutions.com/net2/OAuth/Access.ashx"  method="POST"
/>
>     <Request url="https://www.mysolutions.com/net2/OAuth/Request.ashx" method="GET"
/>
>     <Authorization url="https://www.mysolutions.com/net2/OAuth/Login.aspx" />
>   </Service>
> </OAuth>
>
> "Failed to load module prefs for app 'InstanceAppImpl{instanceAppID=5221, title='null',
description='null', userID=2152, appURL='http://test-stuff/app.xml', appID=3258, appInstanceUUID=94567228-xxxx-xxxx-xxxx-3cd6c3303101,
creationDate=Thu Aug 25 10:20:39 PDT 2011, modificationDate=Thu Aug 25 10:20:44 PDT 2011}'
for this reason: org.apache.shindig.gadgets.spec.SpecParserException: Access@method must be
identical to Request@method"
>
> Does OAuth spec define that one should use same methods for the endpoints? I cant find
anything like that here: http://tools.ietf.org/html/rfc5849#section-2.1
>

Mime
View raw message