Has there been any thinking or movement as to whether the scopes syntax
stands as is, or aligns with 6749? Of the folks who chose to respond, it
seemed like the position was split.
From: Justin Richer <jric...@mitre.org>
To: Todd W Lainhart/Lexington/IBM@IBMUS,
Cc: IETF oauth WG <oauth@ietf.org>
Date: 01/30/2013 05:34 PM
Subject: Re: [OAUTH-WG] draft-richer-oauth-introspection-01 scope
syntax
I should add that this is also a bit of an artifact of our implementation.
Internally, we parse and store scopes as collections of discrete strings
and process them that way. So serialization of that value naturally fell
to a JSON list.
-- Justin
On 01/30/2013 05:29 PM, Justin Richer wrote:
It's not meant to follow the same syntax. Instead, it's making use of the
JSON object structure to avoid additional parsing of the values on the
client side.
We could fairly easily define it as the same space-delimited string if
enough people want to keep the scope format consistent.
-- Justin
On 01/30/2013 05:27 PM, Todd W Lainhart wrote:
That the scope syntax in draft-richer-oauth-introspection-01 is different
than RFC 6749 Section 3.3, as in:
"scope": ["read", "write", "dolphin"],
vs.
scope = scope-token *( SP scope-token )
scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
Should introspection-01 follow the 6749 syntax for scopes?
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
