[OAUTH-WG] Query on RFC 7009
James Howe <jmh205@cam.ac.uk> Tue, 11 June 2019 15:53 UTC
Return-Path: <jmh205@cam.ac.uk>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79E6A120157 for <oauth@ietfa.amsl.com>; Tue, 11 Jun 2019 08:53:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=universityofcambridgecloud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id afa6urZysWGt for <oauth@ietfa.amsl.com>; Tue, 11 Jun 2019 08:53:25 -0700 (PDT)
Received: from GBR01-CWL-obe.outbound.protection.outlook.com (mail-eopbgr110109.outbound.protection.outlook.com [40.107.11.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F89F1202D0 for <oauth@ietf.org>; Tue, 11 Jun 2019 08:53:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=UniversityOfCambridgeCloud.onmicrosoft.com; s=selector1-UniversityOfCambridgeCloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bPAIwgB9anAzE4qy7aksG8hsuwTi5PNPekz3FxmMGPY=; b=04au2A9FswkBwyjM6X4qtoryD1Ei76QgW27XplrXtu4jFb6W+XtjFofbx97ar+4qKXl2N2NDR0DiPdCBGz6za6YiqhtQzECvKv3iTdJ+9aE0e/NjZonowP2PD/m3H0m3skNnUcJzVWfwAQpWgkqabxGvbwM+RX3PYU0wUdBDPS4=
Received: from CWLP265MB0884.GBRP265.PROD.OUTLOOK.COM (20.176.33.10) by CWLP265MB0177.GBRP265.PROD.OUTLOOK.COM (10.166.19.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1965.17; Tue, 11 Jun 2019 15:53:17 +0000
Received: from CWLP265MB0884.GBRP265.PROD.OUTLOOK.COM ([fe80::90cf:642d:3284:b973]) by CWLP265MB0884.GBRP265.PROD.OUTLOOK.COM ([fe80::90cf:642d:3284:b973%6]) with mapi id 15.20.1965.017; Tue, 11 Jun 2019 15:53:17 +0000
From: James Howe <jmh205@cam.ac.uk>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Query on RFC 7009
Thread-Index: AdUgbQFSSrDVTXOdRA6xogTEG6OKNw==
Date: Tue, 11 Jun 2019 15:53:16 +0000
Message-ID: <CWLP265MB0884F68CC0B2DF0D536F5640D1ED0@CWLP265MB0884.GBRP265.PROD.OUTLOOK.COM>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=jmh205@cam.ac.uk;
x-originating-ip: [129.169.142.76]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 879d351e-9259-44fd-913b-08d6ee84eb79
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:CWLP265MB0177;
x-ms-traffictypediagnostic: CWLP265MB0177:
x-microsoft-antispam-prvs: <CWLP265MB01775F535E81C8A23FF54AA8D1ED0@CWLP265MB0177.GBRP265.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 006546F32A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(136003)(396003)(39860400002)(366004)(199004)(189003)(2351001)(33656002)(68736007)(14454004)(476003)(99286004)(8936002)(1730700003)(81166006)(81156014)(14444005)(5660300002)(256004)(4744005)(486006)(6116002)(2501003)(3846002)(52536014)(786003)(86362001)(316002)(71200400001)(53936002)(71190400001)(66556008)(55016002)(66446008)(305945005)(7696005)(76116006)(66946007)(66476007)(64756008)(7116003)(102836004)(7736002)(9686003)(6916009)(74316002)(26005)(6436002)(186003)(73956011)(5640700003)(478600001)(74482002)(6506007)(25786009)(66066001)(2906002)(8676002); DIR:OUT; SFP:1102; SCL:1; SRVR:CWLP265MB0177; H:CWLP265MB0884.GBRP265.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cam.ac.uk does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: IZ5wNQ1HoRd8c7Lu3xBJiDyxMv9HhjXNAe28UH21sycS+PP6R6YLpOO1+oEisky8xE49arB1BpZ/vdI1Qid5fK0h3yFBCg+03KgHauj6n2kZHq98+fcE6oeXJaK9A7rhWQPOS+kz/R7j3GMiq81Fs6mpXOBA14nczjzPJzw1PelW3woDHMw8eBW4pN1kAezHy9y2TFJdvgBZeHeYACIxoK5QAn0aAPT54eeE8VGSHqHOLRoSAcREp+M3X27yc1wZMZKNbMkIJw9VRnTBFKIJRWFk8F9/dFKWiYcDQ/VTB5axntE2C9cW1Sq8gaio29bIX3a8tVEDrmGP8/53+CLsgTKfTviNNN9eoxWBexT+B+trvWB0cIRF5DH0g92N9heiEYD7ITGdDiaELeg2Mt/UhADNjrF0ERa5wpPmAKvJCiA=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cam.ac.uk
X-MS-Exchange-CrossTenant-Network-Message-Id: 879d351e-9259-44fd-913b-08d6ee84eb79
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Jun 2019 15:53:17.1711 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 49a50445-bdfa-4b79-ade3-547b4f3986e9
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: jmh205@cam.ac.uk
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CWLP265MB0177
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/-NL5KqTAB2hdGiOV91ZuvGaw2Dc>
X-Mailman-Approved-At: Tue, 11 Jun 2019 09:04:57 -0700
Subject: [OAUTH-WG] Query on RFC 7009
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2019 15:55:19 -0000
Unless I'm mistaken, RFC 7009 doesn't specify the error response when the request is from a different client to the issuer. Section 2.1: > If this validation fails, the request is refused and the client is informed > of the error by the authorization server as described below. The only relevant description below I can see is in Section 2.2.1: > The error presentation conforms to the definition in Section 5.2 of [RFC6749]. However none of the error codes there seem to be applicable. unauthorized_client appears to be the closest, although there is no grant type involved. > The authenticated client is not authorized to use this authorization grant type. What is the intention here? ---- James Howe Senior IT Developer Department of Engineering University of Cambridge +44 1223 748536
- [OAUTH-WG] Query on RFC 7009 James Howe
- Re: [OAUTH-WG] Query on RFC 7009 Torsten Lodderstedt