Hello,
Sorry for the vague description. By generic way I mean that it has not
been implemented for a specific need, so I tried to be as agnostic as
possible, to avoid complication for me or the admin who would use it.
Basically, in the RAR configuration, you declare what types are
expected, for each type what scopes are attached, and what allowed
locations, actions, datatypes, auth details or privileges. Then based on
this configuration, which is supposed to be known by the clients, the
clients build their auth request as they want.
But the implementation wasn't designed with a specific use case, that's
why I call it 'generic'
/Nicolas
Le 2022-05-04 à 11 h 51, Hannes Tschofenig a écrit :
Hi Nicolas,
Thanks for the response.
I am not sure whether I understand your response correctly. You said that
Glewlwyd supports RAR in a generic way.
What does the "not to support an existing implementation" mean?
Ciao
Hannes
-----Original Message-----
From: OAuth <[email protected]> On Behalf Of Nicolas Mora
Sent: Monday, April 11, 2022 3:12 AM
To: [email protected]
Subject: Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR):
Implementation Status
Hello Hannes,
Glewlwyd supports rich auth requests, but in a 'generic' way, not to support an
existing implementation.
https://babelouest.io/glewlwyd/
/Nicolas
Le 2022-04-06 à 09 h 46, Hannes Tschofenig a écrit :
Hi all,
I am working on the shepherd writeup for the RAR document and the IESG
is interested to hear about the implementation status of this specification.
What implementations are available that use the RAR functionality or
are vendors planning to implement this specification?
Ciao
Hannes
IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended
recipient, please notify the sender immediately and do not disclose
the contents to any other person, use it for any purpose, or store or
copy the information in any medium. Thank you.
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended recipient,
please notify the sender immediately and do not disclose the contents to any
other person, use it for any purpose, or store or copy the information in any
medium. Thank you.
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
