382767556c
as outlined in the oauth2 bearer token documentation: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08 test plan: make any api requests passing the access_token in the authorization header, rather than the query string, and verify you can successfully make those calls. also verify that the query string method still works as before. note that we are not yet responding with a proper 401 and www-authenticate header, as described in the oauth2 bearer token spec. that is coming in a subsequent commit, after some refactoring of our api error response mechanisms. Change-Id: I2cf470ce2dd33442bb71ea2d3c756410b418b1ca Reviewed-on: https://gerrit.instructure.com/7664 Reviewed-by: Cody Cutrer <cody@instructure.com> Tested-by: Hudson <hudson@instructure.com> |
||
|---|---|---|
| .. | ||
| templates/rest | ||
| high_level.txt | ||