It would be useful for me if people tested it and reported any problems. I have limited access to alternative OAuth 2.0 provider implementations, so I’ve only tested a few of the commercial ones so far.
Some use cases, where I think this is useful:
- given an API with CORS support.
- in native web apps running in example phone gap, running in
file://context and are thereby not limited by same-origin.
Feedback is welcome.