[OAUTH-WG] error response for invalid refresh token
Peter Brindisi <peter.brindisi@gmail.com> Tue, 21 February 2012 13:33 UTC
Return-Path: <peter.brindisi@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63B3B21F87A3 for <oauth@ietfa.amsl.com>; Tue, 21 Feb 2012 05:33:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ottwJeXCKlmK for <oauth@ietfa.amsl.com>; Tue, 21 Feb 2012 05:33:22 -0800 (PST)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id D99DD21F879F for <oauth@ietf.org>; Tue, 21 Feb 2012 05:33:21 -0800 (PST)
Received: by ghbg16 with SMTP id g16so3316905ghb.31 for <oauth@ietf.org>; Tue, 21 Feb 2012 05:33:21 -0800 (PST)
Received-SPF: pass (google.com: domain of peter.brindisi@gmail.com designates 10.236.77.8 as permitted sender) client-ip=10.236.77.8;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of peter.brindisi@gmail.com designates 10.236.77.8 as permitted sender) smtp.mail=peter.brindisi@gmail.com; dkim=pass header.i=peter.brindisi@gmail.com
Received: from mr.google.com ([10.236.77.8]) by 10.236.77.8 with SMTP id c8mr35868231yhe.3.1329831201499 (num_hops = 1); Tue, 21 Feb 2012 05:33:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; bh=OghNVZQNHu9VDUa3f00hf/ZqAajfvNk+2nLDhY2WYmQ=; b=P5Sl60rJn/IxsprTDotf9apJM+zh/UOUf0I1fgswitimOMjpk1M0ALCpU/wP3yh52t bJbaqsfineD2KVepWCn69Wb6k/jlFLZcPIGXThRAs7e//umJatNFZtq9uJsfvUvkF4KF q7Gr0KdhbmIoSqu86P+obbPdvosQkRW5pK1Vc=
Received: by 10.236.77.8 with SMTP id c8mr27766627yhe.3.1329831201463; Tue, 21 Feb 2012 05:33:21 -0800 (PST)
MIME-Version: 1.0
Received: by 10.147.171.2 with HTTP; Tue, 21 Feb 2012 05:33:01 -0800 (PST)
From: Peter Brindisi <peter.brindisi@gmail.com>
Date: Tue, 21 Feb 2012 14:33:01 +0100
Message-ID: <CAOqH_VV4uCjyz-UP9AhNoQPuesv6Z0Wbi7Zt=tz-B4qXh0efgw@mail.gmail.com>
To: oauth@ietf.org
Content-Type: multipart/alternative; boundary="20cf3005153a5fdd9c04b9797407"
Subject: [OAUTH-WG] error response for invalid refresh token
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Feb 2012 13:33:22 -0000
Hi all, I am currently implementing version 23 of the oauth2 spec, and I came across a bit of ambiguity. What is the appropriate error code for an invalid refresh token? I am unsure whether it should be 'invalid_grant' or 'invalid_request'. Neither seems 100% clear. Thanks in advance! Best, Peter
- [OAUTH-WG] error response for invalid refresh tok… Peter Brindisi
- Re: [OAUTH-WG] error response for invalid refresh… Buhake Sindi
- Re: [OAUTH-WG] error response for invalid refresh… Eran Hammer