That's a good idea. FWIW we created a custom endpoint for this purpose - allows you to exchange Facebook sessions for OAuth 2.0 tokens. Documented here: http://developers.facebook.com/docs/guides/upgrade
On May 4, 2010, at 10:48 AM, Eran Hammer-Lahav wrote: > Why a short lived 2.0 token? Why not provide an endpoint to exchange a 1.0 > token with a 2.0 token with a refresh token? > > EHL > >> -----Original Message----- >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf >> Of Marius Scurtescu >> Sent: Tuesday, May 04, 2010 10:27 AM >> To: OAuth WG >> Subject: [OAUTH-WG] OAuth 1 Bridge Flow >> >> Hi, >> >> I would like to suggest a flow, or endpoint, that is bridging OAuth 1 and >> OAuth 2. See the attachment. >> >> The OAuth 1 Bridge Flow basically defines an endpoint where you can place a >> signed OAuth 1 request and in response you receive a short lived OAuth 2.0 >> access token. This flow can be used by clients that have a long lived OAuth >> 1.0 access token and want to use a short lived OAuth 2.0 access token to >> access protected resources. >> >> Do you have a use case for a flow like this? If not exactly but close, how >> can >> the flow be improved to cover your use case as well? >> >> Feedback more than welcome. >> >> Thanks, >> Marius > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
