The request is very different on the resource server. On the authorization server, why would you use the same endpoint?
EHL From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Paul Lindner Sent: Thursday, June 10, 2010 8:24 AM To: OAuth WG (oauth@ietf.org) Subject: [OAUTH-WG] Identifying OAuth 2.0 vs 1.0 requests Hi, As I've been working through our oauth2 implementation I've noticed that it's not easy to disambiguate OAuth 1.0a vs 2.0 API calls based on the request parameters alone. Based on some investigative at the Shindig project it appears that the only standard way to to determine 1.0a vs 2.0 is by checking for the oauth_signature_method parameter. More info here: https://issues.apache.org/jira/browse/SHINDIG-1361 Has anyone else considered this use case? How did you solve it?
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
