subject:"\[OAUTH\-WG\] Issue\: state in web server flow"

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-19 Thread Marius Scurtescu

On Mon, Apr 19, 2010 at 2:24 PM, Eran Hammer-Lahav wrote: > >> -Original Message- >> From: Marius Scurtescu [mailto:mscurte...@google.com] >> Sent: Monday, April 19, 2010 1:58 PM >> To: Eran Hammer-Lahav >> Cc: Dick Hardt; OAuth WG >> Subject: Re

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-19 Thread Eran Hammer-Lahav

> -Original Message- > From: Marius Scurtescu [mailto:mscurte...@google.com] > Sent: Monday, April 19, 2010 1:58 PM > To: Eran Hammer-Lahav > Cc: Dick Hardt; OAuth WG > Subject: Re: [OAUTH-WG] Issue: state in web server flow > > On Mon, Apr 19, 2010 at 11:

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-19 Thread Marius Scurtescu

On Mon, Apr 19, 2010 at 11:53 AM, Eran Hammer-Lahav wrote: > > >> -Original Message- >> From: Marius Scurtescu [mailto:mscurte...@google.com] >> Sent: Monday, April 19, 2010 10:18 AM > >> I don't think it is possible to enforce callbacks without any query >> parameters. >> See the Drupal

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-19 Thread Eran Hammer-Lahav

> -Original Message- > From: Marius Scurtescu [mailto:mscurte...@google.com] > Sent: Monday, April 19, 2010 10:18 AM > I don't think it is possible to enforce callbacks without any query > parameters. > See the Drupal example. In the Drupal example the client server adds its silly para

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-19 Thread Marius Scurtescu

t;> Sent: Sunday, April 18, 2010 9:20 PM >>> To: OAuth WG >>> Subject: [OAUTH-WG] Issue: state in web server flow >>> >>> Why was the state parameter removed from the web server flow? >> >> I didn't want to both define a state parameter *and*

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-19 Thread Evan Gilbert

gt; >> Sent: Sunday, April 18, 2010 9:20 PM > >> To: OAuth WG > >> Subject: [OAUTH-WG] Issue: state in web server flow > >> > >> Why was the state parameter removed from the web server flow? > > > > I didn't want to both define a state

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-18 Thread Dick Hardt

On 2010-04-18, at 10:28 PM, Eran Hammer-Lahav wrote: > > >> -Original Message- >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf >> Of Dick Hardt >> Sent: Sunday, April 18, 2010 9:20 PM >> To: OAuth WG >> Subject:

Re: [OAUTH-WG] Issue: state in web server flow

2010-04-18 Thread Eran Hammer-Lahav

> -Original Message- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Dick Hardt > Sent: Sunday, April 18, 2010 9:20 PM > To: OAuth WG > Subject: [OAUTH-WG] Issue: state in web server flow > > Why was the state parameter removed from

[OAUTH-WG] Issue: state in web server flow

2010-04-18 Thread Dick Hardt

Why was the state parameter removed from the web server flow? Some AS may require the entire redirect URI to be registered, so the state parameter allows a client to maintain state across calls. ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

Re: [OAUTH-WG] Issue: state in web server flow

[OAUTH-WG] Issue: state in web server flow

9 matches

Site Navigation

Mail list logo

Footer information