[OAUTH-WG] Facebook updates to Draft 10

Paul Tarjan <paul.tarjan@facebook.com> Thu, 09 September 2010 18:43 UTC

Hi Fellow OAuthers,

We just updated our Graph API's OAuth2 implementation to be draft 10 compliant. Yay!

Well, I should say we are pretty close to draft 10. Some places we differ:

* For now errors are not in the standard format :( This would break backwards compatibility and existing applications, so we are only going to turn it on for opted-in applications until the spec is finalized. If anyone wants to use the new formats, send me your Facebook app's ID and I'll opt you in.
* If grant_type is not included, it is assumed to be "authorization_code" since that is what draft-00 did.
* If response_type is not included, it is assumed to be "code" since that is what draft-00 did.

When the spec is finalized, we plan on doing a single opt-in migration for all non-backwards compatible changes. New applications will be automatically on the final version, and older applications will have a time period to update.

Some new things you can do:

Here are a few links showing some of the new parameters to help you with discovery:
code_and_token: 
http://graph.facebook.com/oauth/authorize?client_id=150629244948164&redirect_uri=http://paulisageek.com/facebook/app/&response_type=code_and_token
token: 
http://graph.facebook.com/oauth/authorize?client_id=150629244948164&redirect_uri=http://paulisageek.com/facebook/app/&response_type=token
new error format:
http://graph.facebook.com/oauth/access_token?client_id=150629244948164&redirect_uri=http://paulisageek.com/facebook/app/
error redirects:
http://graph.facebook.com/oauth/authorize?client_id=150629244948164&redirect_uri=http://paulisageek.com/facebook/app/&grant_type=junky_junk

Feel free to ask questions and let me know if there are any places you don't think we are spec compliant. We plan on keeping up with changes as we all run this last mile to the final version.

Thanks!
Paul