One of the modifications I concluded to do to WRAP was to add in the type
parameter. I was happy to see if in David's draft.
Even though redundant in some ways, it make it very clear to both the client
and server what is intended.
+1 for putting it back in.
On Mon, Jun 14, 2010 at 11:23 AM,
Per an earlier comment, type might not be the best name for the parameter.
Perhaps method might work and adds a clear extension point for other types
of calls?
On Tue, Jun 22, 2010 at 1:22 PM, Dick Hardt dick.ha...@gmail.com wrote:
One of the modifications I concluded to do to WRAP was to add
You are a bit behind. -08 added it back as grant_type which works better with
the current explanation.
EHL
From: Dick Hardt [mailto:dick.ha...@gmail.com]
Sent: Tuesday, June 22, 2010 1:29 PM
To: Brian Eaton
Cc: Eran Hammer-Lahav; OAuth WG (oauth@ietf.org)
Subject: Re: [OAUTH-WG] Draft -07
On Mon, Jun 14, 2010 at 9:18 AM, Eran Hammer-Lahav e...@hueniverse.com wrote:
Adding a verification code to the user-agent flow was suggested on this list
and received nothing but support. It was suggested as a solution to a
Twitter use case.
I think it would be good to see a detailed use case
-Lahav
Cc: Andrew Arnott; OAuth WG (oauth@ietf.org)
Subject: Re: [OAUTH-WG] Draft -07 (major rewrite)
On Mon, Jun 14, 2010 at 9:18 AM, Eran Hammer-Lahav e...@hueniverse.com
wrote:
Adding a verification code to the user-agent flow was suggested on
this list and received nothing but support
-Original Message-
From: Marius Scurtescu [mailto:mscurte...@google.com]
Sent: Tuesday, June 15, 2010 5:24 PM
To: Eran Hammer-Lahav
Cc: Andrew Arnott; OAuth WG (oauth@ietf.org)
Subject: Re: [OAUTH-WG] Draft -07 (major rewrite)
On Tue, Jun 15, 2010 at 5:05 PM, Eran Hammer-Lahav e
PM
To: Eran Hammer-Lahav
Cc: Andrew Arnott; OAuth WG (oauth@ietf.org)
Subject: Re: [OAUTH-WG] Draft -07 (major rewrite)
On Mon, Jun 14, 2010 at 9:18 AM, Eran Hammer-Lahav e...@hueniverse.com
wrote:
Adding a verification code to the user-agent flow was suggested on
this list and received
-Lahav
Cc: OAuth WG
Subject: RE: [OAUTH-WG] Draft -07 (major rewrite)
+1 for the type parameter.
Our internal server and client developers would both prefer it.
-cmort
From: oauth-boun...@ietf.org [oauth-boun...@ietf.org] On Behalf Of
Justin Richer
-Original Message-
From: Justin Richer [mailto:jric...@mitre.org]
Sent: Monday, June 14, 2010 7:20 AM
To: Eran Hammer-Lahav
Cc: Marius Scurtescu; OAuth WG
Subject: Re: [OAUTH-WG] Draft -07 (major rewrite)
I disagree. I don't think it's redundant, I think it's a clarifying piece
On Mon, Jun 14, 2010 at 9:18 AM, Eran Hammer-Lahav e...@hueniverse.com wrote:
Adding a verification code to the user-agent flow was suggested on this list
and received nothing but support. It was suggested as a solution to a
Twitter use case. Once that is added in, the two flows only differ in
some comments on the new draft from my side.
In my opinion, the raised abstraction level makes the spec harder to
read but more elegant :-) Rearranging conceptual statements and
endpoint/request descriptions would probably further improve
readability. For example, the end-user authorization
Eran,
While the flows in the spec today may have unique sets of required
parameters, other flows may exist with overlapping initial parameters (why?
perhaps the flows have different rules that don't come into effect until
later in the flow). Keeping the type parameter in there would help
On Fri, Jun 11, 2010 at 1:11 PM, Eran Hammer-Lahav e...@hueniverse.com wrote:
Draft -07 represents a major rearrangement of the document. I still have a
lot of work to do but wanted to share my progress and get some general
feedback. The draft includes a few normative language changes but the
I agree with Marius: I think we should keep the explicit flow name in
there (in the 'type' parameter or equivalent), as it (among other
things) opens the possibility for the rescope and revoke operations. It
makes it very clear how both client and server expect things to behave.
-- Justin
On
Hi!
Am 11.06.10 22:47, schrieb Marius Scurtescu:
On Fri, Jun 11, 2010 at 1:11 PM, Eran Hammer-Lahav e...@hueniverse.com
wrote:
Draft -07 represents a major rearrangement of the document. I still have a
lot of work to do but wanted to share my progress and get some general
feedback. The
It doesn't really. It is completely clear what kind of authorization grant the
client is providing simply by looking at the parameter. It might make the code
a few lines longer (a few if-else instead of a switch-case) but because these
are all post parameters, you access them the same way (i.e.
On 6/11/10 1:47 PM, Marius Scurtescu mscurte...@google.com wrote:
On Fri, Jun 11, 2010 at 1:11 PM, Eran Hammer-Lahav e...@hueniverse.com
wrote:
Draft -07 represents a major rearrangement of the document. I still have a
lot of work to do but wanted to share my progress and get some general
The comment was about the token endpoint which used to include a 'type'
parameter (indicating the flow being used). All the flows share the same token
endpoint.
EHL
On 6/11/10 2:24 PM, Christian Scholz c...@comlounge.net wrote:
Hi!
Am 11.06.10 22:47, schrieb Marius Scurtescu:
On Fri, Jun
18 matches
Mail list logo