From
http://developers.facebook.com/docs/authentication/canvas
Why is the signature first?
Doing a left split is usually easier than a right one. It also allows us to
pursue other encodings, like hex for the signature and percent encoding for the
payload.
Why is it called signed_request?
It's t
Thanks for sharing!
One question: Was there a particular reason for having signature first
instead of the payload?
On Tue, Jul 27, 2010 at 7:18 AM, Paul Tarjan wrote:
> Facebook released an early version of the proposed signature method, with the
> aim of getting real-life implementation experi
Thanks for sharing Paul!
On 2010-07-26, at 3:18 PM, Paul Tarjan wrote:
> Facebook released an early version of the proposed signature method, with the
> aim of getting real-life implementation experience. We are not currently
> using this for protected resource requests, but rather more like if
Facebook released an early version of the proposed signature method, with the
aim of getting real-life implementation experience. We are not currently using
this for protected resource requests, but rather more like if the authorization
server returned signed data as part of the access token res
