Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Torsten Lodderstedt
 > Am 14.12.2020 um 17:39 schrieb Brian Campbell > : > >  > And that's done: > https://mailarchive.ietf.org/arch/msg/oauth/W0eq4HUiiLVS5F5qyXXY6Gdw7vs/ > >> On Mon, Dec 14, 2020 at 8:42 AM Torsten Lodderstedt >> wrote: >> +1 for following Vladimir’s proposal >> >> > Am 14.12.2020 um

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Brian Campbell
And that's done: https://mailarchive.ietf.org/arch/msg/oauth/W0eq4HUiiLVS5F5qyXXY6Gdw7vs/ On Mon, Dec 14, 2020 at 8:42 AM Torsten Lodderstedt wrote: > +1 for following Vladimir’s proposal > > > Am 14.12.2020 um 14:54 schrieb Brian Campbell 40pingidentity@dmarc.ietf.org>: > > > > er, I mean

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Torsten Lodderstedt
+1 for following Vladimir’s proposal > Am 14.12.2020 um 14:54 schrieb Brian Campbell > : > > er, I mean an -05 > > On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell > wrote: > Thanks Vladimir, that seems quite reasonable. Barring any objections, I'll > add that to a -04. > > On Mon, Dec 14,

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Brian Campbell
er, I mean an -05 On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell wrote: > Thanks Vladimir, that seems quite reasonable. Barring any objections, I'll > add that to a -04. > > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov < > vladi...@connect2id.com> wrote: > >> Hi Brian, >> >> I'd like to

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Dave Tonge
I agree with the proposed text On Mon, 14 Dec 2020 at 14:46, Brian Campbell wrote: > Thanks Vladimir, that seems quite reasonable. Barring any objections, I'll > add that to a -04. > > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov < > vladi...@connect2id.com> wrote: > >> Hi Brian, >> >>

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Brian Campbell
Thanks Vladimir, that seems quite reasonable. Barring any objections, I'll add that to a -04. On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov wrote: > Hi Brian, > > I'd like to propose the sentence in bold to be inserted into the current > section 2.3 of PAR -04: > >

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-14 Thread Vladimir Dzhuvinov
Hi Brian, I'd like to propose the sentence in bold to be inserted into the current section 2.3 of PAR -04: https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 The authorization server returns an error response with the same format as is specified for error responses from the token

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-04 Thread Brian Campbell
On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov wrote: > If people have articulated a need to have an invalid_redirect_uri error > for the PAR endpoint, then let's register it properly. Rifaat says there's > still time to do this. > Following from the response I recently sent to Neil, I

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-04 Thread Brian Campbell
That's a good point. The context of the original discussion that led to this thread wasn't about a client programmatically acting on the information. Rather that banks (and similar entities) can be reluctant to include additional info in descriptive error messages so having a specific error code

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-04 Thread Neil Madden
Making it a specific error code rather than just an error message suggests that the client can do something with that information. That doesn’t seem likely to me. It’s most likely caused by a misconfiguration that somebody needs to manually sort out rather than something that can be

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-03 Thread Vladimir Dzhuvinov
If people have articulated a need to have an invalid_redirect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this. I'm also okay with using the general invalid_request code for this. In this case a sentence, next to the current example,

[OAUTH-WG] PAR error for redirect URI?

2020-12-03 Thread Rifaat Shekh-Yusef
Torsten, Filip, You can absolutely make this change, as we are still very early in the process. So feel free to continue this effort and try to get WG agreement on this, and update the document as needed. Regards, Rifaat On Thursday, December 3, 2020, Filip Skokan wrote: > To be clear, I'm

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-03 Thread Filip Skokan
To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code. Best, *Filip* On Thu, 3 Dec 2020 at 11:06, Torsten

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-03 Thread Torsten Lodderstedt
> Am 03.12.2020 um 09:56 schrieb Filip Skokan : > > There are several documents already mentioning "invalid_redirect_uri" as an > error code, specifically RFC7519 and OpenID Connect Dynamic Client > Registration 1.0. But these don't register it in the IANA OAuth Extensions > Error Registry,

Re: [OAUTH-WG] PAR error for redirect URI?

2020-12-03 Thread Filip Skokan
There are several documents already mentioning "invalid_redirect_uri" as an error code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don't register it in the IANA OAuth Extensions Error Registry, presumably because they're neither for the authorization or

[OAUTH-WG] PAR error for redirect URI?

2020-12-02 Thread Brian Campbell
During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems with the redirect_uri (the