I would envision that the requests from different flows will have a different mode value, which makes them uniquely different requests for the AS.
I think returning a refresh token when it can't be used will lead to confusion for Client and AS developers. -- Dick On 2010-04-07, at 1:51 PM, Eran Hammer-Lahav wrote: > Right now most of the flows return the same parameters (access token, > expiration, refresh token). A few do not return a refresh token. When we add > signatures, we will need to add token secret and algorithm type. > > I know there are good reasons why certain flows do not return a refresh > token but instead rely on the client repeating the request. However, there > is a lot of value in simplicity and consistency in making every request > return the same parameters. > > It will also allow specifying it one time instead of over and over again. > > Thoughts? > > EHL > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
