Re: [OAUTH-WG] ABNF in draft 11
Eran Hammer-Lahav <eran@hueniverse.com> Thu, 25 November 2010 07:03 UTC
Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E95DC3A6AAB for <oauth@core3.amsl.com>; Wed, 24 Nov 2010 23:03:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9BlEAEtxLWla for <oauth@core3.amsl.com>; Wed, 24 Nov 2010 23:03:11 -0800 (PST)
Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by core3.amsl.com (Postfix) with SMTP id E0DB53A6AA6 for <oauth@ietf.org>; Wed, 24 Nov 2010 23:03:10 -0800 (PST)
Received: (qmail 19157 invoked from network); 25 Nov 2010 07:04:10 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 25 Nov 2010 07:04:10 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.20]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Thu, 25 Nov 2010 00:04:11 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: "Manger, James H" <James.H.Manger@team.telstra.com>, OAuth WG <oauth@ietf.org>
Date: Thu, 25 Nov 2010 00:04:01 -0700
Thread-Topic: ABNF in draft 11
Thread-Index: AcuLrE0WNL4CckMHSC6Rvg1Kh0kB/QArB9ZgAATzm+A=
Message-ID: <90C41DD21FB7C64BB94121FBBC2E72343D4B06532C@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <90C41DD21FB7C64BB94121FBBC2E72343D4AE3B191@P3PW5EX1MB01.EX1.SECURESERVER.NET> <255B9BB34FB7D647A506DC292726F6E112789E5CDD@WSMSG3153V.srv.dir.telstra.com>
In-Reply-To: <255B9BB34FB7D647A506DC292726F6E112789E5CDD@WSMSG3153V.srv.dir.telstra.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [OAUTH-WG] ABNF in draft 11
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Nov 2010 07:03:12 -0000
Thanks James. This is my current text. Let me know if there are more issues. EHL --- 6.2. The WWW-Authenticate Response Header Field If the protected resource request does not include authentication credentials, contains an invalid access token, or is malformed, the resource server MUST include the HTTP "WWW-Authenticate" response header field. The "WWW-Authenticate" header field uses the framework defined by [RFC2617] as follows: challenge = "OAuth2" RWS #param param = scope / error / error-desc / error-uri / ( token "=" ( token / quoted-string ) ) scope = "scope" "=" <"> scope-v *( SP scope-v ) <"> scope-v = 1*quoted-char quoted-char = ALPHA / DIGIT / "!" / "#" / "$" / "%" / "&" / "'" / "(" / ")" / "*" / "+" / "-" / "." / "/" / ":" / "<" / "=" / ">" / "?" / "@" / "[" / "]" / "^" / "_" / "`" / "{" / "|" / "}" / "~" / "\" / "," / ";" error = "error" "=" quoted-string error-desc = "error_description" "=" quoted-string error-uri = "error_uri" = <"> URI-Reference <"> The "scope" attribute is a space-delimited list of scope values indicating the required scope of the access token for accessing the requested resource. The "scope" attribute MUST NOT appear more than once. If the protected resource request included an access token and failed authentication, the resource server SHOULD include the "error" attribute to provide the client with the reason why the access request was declined. The parameter value is described in Section 6.2.1. In addition, the resource server MAY include the "error_description" attribute to provide a human-readable explanation, and the "error-uri" attribute with an absolute URI identifying a human-readable web page explaining the error. The "error", "error_description", and "error_uri" attribute MUST NOT appear more than once. For example, in response to a protected resource request without authentication: HTTP/1.1 401 Unauthorized WWW-Authenticate: OAuth2 And in response to a protected resource request with an authentication attempt using an expired access token: HTTP/1.1 401 Unauthorized WWW-Authenticate: OAuth2 error="invalid_token", error_description="The access token expired"
- [OAUTH-WG] Fwd: Dropping 'realm' parameter John Kemp
- [OAUTH-WG] Dropping 'realm' parameter Eran Hammer-Lahav
- Re: [OAUTH-WG] Fwd: Dropping 'realm' parameter Eran Hammer-Lahav
- [OAUTH-WG] ABNF in draft 11 Manger, James H
- Re: [OAUTH-WG] ABNF in draft 11 Eran Hammer-Lahav
- Re: [OAUTH-WG] ABNF in draft 11 Manger, James H
- Re: [OAUTH-WG] ABNF in draft 11 Eran Hammer-Lahav