I think same. But now I see that only for 5.2, not for 4.2.2.1
--
Best regards, Alexey Skolyarov
From: Justin Richer [mailto:jric...@mitre.org]
Sent: Tuesday, December 20, 2011 6:23 PM
To: Alexey Skolyarov
Cc: Buhake Sindi; oauth@ietf.org
Subject: Re: [OAUTH-WG] conflict: error response
I see that. But how the server should respond on incorrect request (when it’s
not possible to determine correct state to be passed).
Specifically, what state should be passed to the client – no one, any or all of
them?
--
Best regards, Alexey Skolyarov
Dino Systems Java Team
Phone: +7 (812) 740
example.com/cb?error=invalid_request&state=QWE%20ASD
(both but violates the idea that state should be kept unchanged).
I hope this example could make my question clearer.
Thanks in advance.
--
Best regards, Alexey Skolyarov
From: Buhake Sindi [mailto:buh...@googlemail.com]
Sent: Monday, December 19,
Hello everybody,
Since this is my first post on this list, I’ll say few words about whoami:
My name is Alexey Skolyarov, I work in Saint-Petersburg, Russia. I’m interested
in OAuth2 because I found no v2 providers for Jersey<http://jersey.java.net/>
except Spring Security which is muc
