Thereby depriving the client of visibility on the social network. Yes, this is
a hack, by the user, against the client, and there is material harm. The user
is getting something without giving the client what was originally promised.
Of course, the client will quickly discover the hack, and
+1
I agree with Andre and Stephen and others who argued against an MTI token type.
As an architect of a (soon-to-be) oauth server I can state that we will almost
certainly support bearer token only, and that we will be writing the code
ourselves, not using a library. I don’t really see how a
I’ve spent the last couple months trying to answer this question myself (even
posted on Stack Overflow,
http://stackoverflow.com/questions/7522831/what-is-the-purpose-of-the-implicit-grant-authorization-type-in-oauth-2),
and here’s the best answer I can come up with: it’s a great solution for
To be consistent, section 10.3 should probably specify that the requirement of
confidentiality in transit applies specifically to BEARER tokens.
I would like to see this relaxed further though, as I argued last week, to
accommodate situations where a token is scoped to a limited set of data
...@veznat.com]
Sent: Tuesday, October 25, 2011 8:41 PM
To: Dave Rochwerger
Cc: Dan Taflin; OAuth WG
Subject: Returning two tokens. Was: Re: [OAUTH-WG] Rechartering
I'm going to reiterate what has already been said.
OAuth already supports what you're trying to do. Just request a token twice,
the first time
I would like to second Torsten's pitch for the ability to return multiple
access tokens with a single authorization process. The use case for my company
is to segment operations into two main categories: protected and confidential.
(A possible third category, public, would not require any
like to see this relaxed somewhat.
Dan
From: Dave Rochwerger [mailto:da...@quizlet.com]
Sent: Tuesday, October 25, 2011 4:08 PM
To: Dan Taflin
Cc: OAuth WG
Subject: Re: [OAUTH-WG] Rechartering
Is separating this out into 2 different tokens, really the best way to solve
your use case?
It sounds