-1 credentials = "Bearer" 1*SP b64token would make sense.
credentials = "Bearer" 1*SP ( b64token / #auth-param ) does not make sense as the spec doesn't define a way to carry the bearer token in the #auth-param choice. -- James Manger From: [email protected] [mailto:[email protected]] On Behalf Of Mike Jones Sent: Saturday, 24 September 2011 12:00 AM To: [email protected] Subject: [OAUTH-WG] Bearer token credentials syntax James Manger and others pointed out that the current credentials syntax does not comply with RFC 2617, nor does it match the updated credentials syntax contained in HTTPbis, part 7: Authentication<http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-16>. The current syntax in the bearer token draft<http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08> is: credentials = "Bearer" RWS access-token access-token = 1*( quoted-char / <"> ) quoted-char = ALPHA / DIGIT / "!" / "#" / "$" / "%" / "&" / "'" / "(" / ")" / "*" / "+" / "-" / "." / "/" / ":" / "<" / "=" / ">" / "?" / "@" / "[" / "]" / "^" / "_" / "`" / "{" / "|" / "}" / "~" / "\" / "," / ";" The syntax in HTTPbis is: credentials = auth-scheme [ 1*SP ( b64token / #auth-param ) ] (Note that some of the BNF elements used by part 7 are defined in HTTPbis, part 1: Messaging<http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-16>.) To resolve this comment, I plan to change the Bearer Token draft to use this syntax for credentials, matching HTTPbis: credentials = "Bearer" 1*SP ( b64token / #auth-param ) Are people good with this approach? Thanks, -- Mike
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
