Академический Документы
Профессиональный Документы
Культура Документы
2 (draft)
This serves as an example of how OAuth identification for the user. In the workflow diagrammed below,
delegation could work, In this example, a user has Tweetie makes a call to TwitPic with the appropriate
authorized Tweetie, and would like to use TwitPic to parameters, and also passes an OAuth authorization
store photos. The TwitPic API has an endpoint named header signed to Twitter. TwitPic can then call
upload which currently takes image data, and a account/verify_credentials with that header.
Twitter username and password. When Tweetie Twitter verifies the delegated identify verification
currently calls this endpoint, TwitPic presumably calls request, and TwitPic can then save the image, and
Twitter to verify the credentials before saving the photo return the image's URL to Tweetie.
1. Request (C to D)
POST upload (protected resource, PR)
⁃ Includes image to store
⁃ Includes x_auth_service_provider to specify who
to authenticate against (SP's base URL)
⁃ Includes x_verify_credentials_authorization
parameter which is the Authorization header that C
would have sent to SP if calling account/
verify_credentials directly
Consumer (C)
Delegator (D)