Re: [OAUTH-WG] a question on authorization to resource and scope in request

Håvard Geithus <havardge@comoyo.com> Fri, 10 August 2012 07:50 UTC

Hi,

Either the resource server can ask the authentication server for
information associated with the token (e.g. resource owner's id and scope)
or this information can be encrypted into the token string. The scope
defines what resources, and resource owner id defines whose resource. At
least that's how I *think* it is.

On Fri, Aug 10, 2012 at 8:53 AM, <zhou.sujing@zte.com.cn> wrote:

>
> Hi, all
>    I wonder how an access token is bound with the required resource item,
> I can't see any field specifying the requested resource in request for
> authorization token and access token.
> Is "scope" relevant to this?
>
> Regards~~~
>
> -Sujing Zhou
>
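The two options in the reply above, sketched from the resource server's side as an added example that is not part of the original thread: an opaque token resolved by asking the issuing server, and a self-contained token that carries owner and scope itself. The reply mentions encrypting the data into the token; this sketch swaps in an HMAC-signed (integrity-protected, not encrypted) token because Python's standard library has no authenticated encryption. All names, the shared key, the token store and the scope strings are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"  # assumption: shared by issuing server and resource server

# Option 1: opaque token. TOKEN_DB stands in for the issuing server's store
# that the resource server would query (constructed sample data).
TOKEN_DB = {"opaque-123": {"owner": "alice", "scope": "photos.read", "exp": 4102444800}}

def lookup_token(token):
    """Return the data bound to an opaque token, or None if unknown."""
    return TOKEN_DB.get(token)

def _tag(body):
    return base64.urlsafe_b64encode(hmac.new(KEY, body, hashlib.sha256).digest())

# Option 2: self-contained token. Owner, scope and expiry travel inside it.
def issue_token(owner, scope, exp):
    claims = {"owner": owner, "scope": scope, "exp": exp}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return (body + b"." + _tag(body)).decode()

def decode_token(token):
    """Return the claims if the tag verifies, else None."""
    try:
        body, tag = token.encode().split(b".")
    except ValueError:  # not exactly two parts
        return None
    if not hmac.compare_digest(tag, _tag(body)):
        return None  # forged or altered token
    return json.loads(base64.urlsafe_b64decode(body))

def authorize(info, resource_owner, needed_scope, now=None):
    """Scope decides *what* may be accessed, owner id decides *whose*."""
    now = time.time() if now is None else now
    if info is None or info["exp"] <= now:
        return False
    if info["owner"] != resource_owner:
        return False
    return needed_scope in info["scope"].split()

if __name__ == "__main__":
    t = issue_token("alice", "photos.read contacts.read", int(time.time()) + 60)
    print(authorize(decode_token(t), "alice", "photos.read"))   # own photos
    print(authorize(decode_token(t), "bob", "photos.read"))     # someone else's
    print(authorize(lookup_token("opaque-123"), "alice", "photos.write"))
```
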