Www-Authenticate plus Link headers seem like they would involve minimal wheel re-invention.
On Wednesday, February 24, 2010, Paul C. Bryan <em...@pbryan.net> wrote: > I've been mostly following the pattern in your XRD-Based OAuth Discovery > Sneak Peek, where a client can discover how to interact with an OAuth > token service in reaction to the OAuth challenge. What got me > second-guessing this was a passing reference to OAuth in the example in > XRD version 1.0. > > I'm asking now because in the process of simplifying the UMA spec, I > need to decide on some of the OAuth discovery mechanisms it will use. > > Paul > > On Wed, 2010-02-24 at 19:40 -0700, Eran Hammer-Lahav wrote: >> No idea. I am not sure yet what the discovery requirements are. For >> example, are clients expected to be familiar with each of the >> token-obtaining profiles and just need a single URI for each supported >> mechanism? XRD is useful for describing a bunch of links for such >> endpoints, but it might just be that the discovery information can be >> provided directly in the header. >> >> Until we know what OAuth 2.0 looks like, we can't really discuss >> discovery much. >> >> Is there a reason why you are asking now? >> >> EHL >> >> > -----Original Message----- >> > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On >> Behalf >> > Of Paul C. Bryan >> > Sent: Wednesday, February 24, 2010 9:30 AM >> > To: oauth@ietf.org >> > Subject: [OAUTH-WG] OAuth XRD? >> > >> > This is a message directed mostly at Eran: >> > >> > Is the OAuth 2.0 discovery mechanism still expected to be via a >> "provider" >> > attribute in the WWW-Authenticate header, or is host-meta expected >> to >> > take over? >> > >> > Paul >> > >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- -- John Panzer / Google jpan...@google.com / abstractioneer.org / @jpanzer _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth