[OAUTH-WG] Assertion flow response missing an expires_in parameter?
Andrew Arnott <andrewarnott@gmail.com> Sat, 08 May 2010 01:11 UTC
Return-Path: <andrewarnott@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1A1EC3A67CC for <oauth@core3.amsl.com>; Fri, 7 May 2010 18:11:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.739
X-Spam-Level:
X-Spam-Status: No, score=-0.739 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jNkN2Fznqi-4 for <oauth@core3.amsl.com>; Fri, 7 May 2010 18:11:42 -0700 (PDT)
Received: from mail-gx0-f217.google.com (mail-gx0-f217.google.com [209.85.217.217]) by core3.amsl.com (Postfix) with ESMTP id 868F23A657C for <oauth@ietf.org>; Fri, 7 May 2010 18:11:39 -0700 (PDT)
Received: by gxk9 with SMTP id 9so1265790gxk.8 for <oauth@ietf.org>; Fri, 07 May 2010 18:11:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=O7nyWsg4dj/fjqDiZEJCfY4LRXbq91/NengiW7AJjK4=; b=XZhYAxXOxXBgBFrVZ13JsbzzM4jyGxdqq/aJSxahhJ1Pb4ZHnpe5oEAENFnqWT3G2K aVfZncE6XVzsWYmIyxy8Yd9MQJuuCxRIrinfD4D2n3g+NauxPmyJKFIgVqNb0+rYvays dgBa8vVbW932X82HdMBQV5tPeKBJ6wwogfUr0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=sITP3VDQ/vBbqvhMgDCYXSmBuDCwAL8hkoelRtAjBpvFofIAvfSnze/wE+3AGL+G3x wTp+JMvLjgZGjFIoau6cDauzZFIxOQnCfZv1B4PFFfmnkdhWbVItMCRpQ0YzlCL45fH8 I9gxg+ZbGjt2yGxXfMaAxz8kkiHn+i+vQK4Wc=
MIME-Version: 1.0
Received: by 10.150.250.42 with SMTP id x42mr4652114ybh.193.1273281084448; Fri, 07 May 2010 18:11:24 -0700 (PDT)
Received: by 10.151.105.17 with HTTP; Fri, 7 May 2010 18:11:24 -0700 (PDT)
Date: Fri, 07 May 2010 18:11:24 -0700
Message-ID: <AANLkTimfIrlb5OQ7vd9bixRJtDXXeUSGvO6HF_nF1vvV@mail.gmail.com>
From: Andrew Arnott <andrewarnott@gmail.com>
To: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000e0cd6e72cbce2a904860ada92"
Subject: [OAUTH-WG] Assertion flow response missing an expires_in parameter?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 May 2010 01:11:43 -0000
In the assertion flow the authorization server issues an access token. In other flows, the access token is accompanied by an expires_in parameter, but not in this one according to the latest draft of the spec. Was this intentional? -- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
- [OAUTH-WG] Assertion flow response missing an exp… Andrew Arnott