On Tue, Apr 30, 2019 at 5:03 AM Torsten Lodderstedt
wrote:
>
>
> > On 26. Apr 2019, at 19:57, Brian Campbell
> wrote:
> >
> > One thing that I think is missing from the article in the discussion of
> pros and cons is that in many cases a large or even voluminous request can
> be sent via auto su
Hi Jaap,
thanks for sharing your thoughts with us.
> On 25. Apr 2019, at 09:27, Jaap Francke
> wrote:
>
> Hi Torsten and others,
>
> I just read your blog - having “we need to re-think OAuth scopes” in the
> title immediately drew my attention.
> I find this interesting since I’m struggling
> On 26. Apr 2019, at 19:57, Brian Campbell wrote:
>
> One thing that I think is missing from the article in the discussion of pros
> and cons is that in many cases a large or even voluminous request can be sent
> via auto submitting form post (like
> https://openid.net/specs/oauth-v2-form-p
> On 26. Apr 2019, at 16:35, George Fletcher wrote:
>
> Look at this in more detail... what about calling it "transactional_scope"
> instead of "structured_scope" as the scope is specific to an individual
> transaction and not applicable across transactions. That would then separate
> it fr
> Am 26.04.2019 um 16:17 schrieb George Fletcher :
>
>
>
>> On 4/25/19 1:54 PM, Torsten Lodderstedt wrote:
>>
>>
>> Am 25.04.2019 um 17:03 schrieb George Fletcher :
>>
>>> A couple of thoughts...
>>>
>>> 1. It doesn't feel like these are scopes (at least not as scope is defined
>>> by RFC
Sascha,
I see the challenge, thanks!
Potentially, one would need to have a more explicit typing support (schemes?)
and use the name of the individual elements just as names, e.g. payment1,
payment2.
best regards,
Torsten.
> Am 25.04.2019 um 23:35 schrieb Sascha Preibisch :
>
> Torsten,
>
>
Dear Taka,
thanks for your feedback.
How would this more generic mechanism differ from the JSON-based request
object? I personally would advocate to use both, structured scope & pushed
request object, to together.
best regards,
Torsten.
> Am 26.04.2019 um 09:47 schrieb Takahiko Kawasaki :
>
> Am 28.04.2019 um 06:08 schrieb Benjamin Kaduk :
>
>> On Wed, Apr 24, 2019 at 07:08:25PM +0200, Torsten Lodderstedt wrote:
>> Hi Sascha,
>>
>> I see. I assume every element within the structured scope element to be an
>> independent scope (value) object and intended to use the name of that ob