Re: [OAUTH-WG] Resource Indicators Implementations
Filip Skokan <panva.ip@gmail.com> Mon, 07 January 2019 17:59 UTC
Return-Path: <panva.ip@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C6C3130FD0 for <oauth@ietfa.amsl.com>; Mon, 7 Jan 2019 09:59:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9c7anPMXE1h6 for <oauth@ietfa.amsl.com>; Mon, 7 Jan 2019 09:59:32 -0800 (PST)
Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EE1F12870E for <oauth@ietf.org>; Mon, 7 Jan 2019 09:59:32 -0800 (PST)
Received: by mail-ot1-x32e.google.com with SMTP id 32so1080060ota.12 for <oauth@ietf.org>; Mon, 07 Jan 2019 09:59:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rbzcr6EwIYe7ty2pScF2p7e4TrJk4AzOOPDXruTtNik=; b=mj+XEwvgSblCvoOMqgTdfVQZY7I4u7X3L015z6GAdQkbwjfT4PSf7vL8L/i0yh02go Qzf6Th/niRpcKa/QMzs86dofaKv99tYKpY7V01blZNGjzkaZucE0b+lvxdInNXnYpeGo QcgqNSVwv2L+5hvJr5SdfgBUxwI8FtymY/8DeLTJxCZ+i71Niwnmgpc4of1j31HSKsmM 1qI5K5PSLpIxEfO3I49SsftA8G9klSrrWU4LX05Y9mwDOFw+GmUsQb0abaL8Nh9IxLxr FOH1vMb1v1CC60qhuBCAzX/Tfi151Wx6AngZusyV2Jl9ExrWO9ht/7QHAwHX49TSXZAN jjTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rbzcr6EwIYe7ty2pScF2p7e4TrJk4AzOOPDXruTtNik=; b=VFANXjKI2A2GZlyX7OapzkK0fY9BrekMDMjajsLCLdceNbv9zHseqz8UyoAAlXFWuc tes8MQtNQfkwmznXS5Pg+yDq4wqieX8EZ/zX2SftlrMEh85kQvpyrdx28vZIjp2UFXgz tvK28vv0ZkWhi+O5jOiZxsDVQi5ZkG2WQhjcarwm32y60okp0pJ6OT/qsi0mZs4RQXz5 GZI8QGlsDAE+4NwSY/mEWUKGSXnF4oTuXaHOjMlKTlH9trmuTTYotA/ew3oleIZzwyIv tTJu/OIxM2Fu32oIkbto3YwjTGwbdldXyhUvP/1ykHC7lnYHhQE55j3R23iz6eXBWxvF RN+A==
X-Gm-Message-State: AJcUukeQYFx8172G0BudEFWTJtg+33VidTYEboVGrhQJmJon12HbFWmd oORLVO/pv4vJqTvXI0BuJjAcDZGhSC2mkBGXyQ==
X-Google-Smtp-Source: ALg8bN5fvl+VkU8DT//WhVbsuirFHYlok36b6Fp2AwfTGCdmUpvdcEvh7xZrdkme6U8SRl4z04ekgfZNlPMo8anH/8c=
X-Received: by 2002:a9d:7097:: with SMTP id l23mr41335920otj.49.1546883971748; Mon, 07 Jan 2019 09:59:31 -0800 (PST)
MIME-Version: 1.0
References: <CAGL6ep+tMj0BpS5XPQwSdRymZDm3UgShhzTcQ3XRK-21T+X5Yg@mail.gmail.com> <CA+k3eCSaguUWNO8530xe=MeR7EbF2EvDv_kFO-U2kTUcSesKRQ@mail.gmail.com>
In-Reply-To: <CA+k3eCSaguUWNO8530xe=MeR7EbF2EvDv_kFO-U2kTUcSesKRQ@mail.gmail.com>
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 07 Jan 2019 18:59:20 +0100
Message-ID: <CALAqi_-55NTF14bGh0YxMT5whTJBuqLzFMJgbgctJN9uZfJqiA@mail.gmail.com>
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Cc: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a546cb057ee1fd32"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/_RMYXGqb81FLoj9rwY116G9l_kA>
Subject: Re: [OAUTH-WG] Resource Indicators Implementations
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jan 2019 17:59:35 -0000
OSS https://github.com/panva/node-oidc-provider has the latest draft implemented. and similar to Ping, Auth0 also has a different named parameter ('audience') that works within the Resource Indicators draft boundaries. Best, *Filip* On Mon, Jan 7, 2019 at 6:48 PM Brian Campbell <bcampbell= 40pingidentity.com@dmarc.ietf.org> wrote: > Ping has an implementation that was done years ago but using a different > parameter name (see 'aud' at > https://documentation.pingidentity.com/pingfederate/pf92/index.shtml#adminGuide/tokenEndpoint.html > for one example). So it's not this exact draft per se but is conceptually > the same. And problems encountered using 'aud' as the name helped inform > the direction of the draft. So it's very much related and running code and > all that. > > My understanding is that Microsoft has an implementation. I'm no authority > on their stuff but, for example, you can see usage of the parameter in this > documentation of the code flow: > https://docs.microsoft..com/en-us/azure/active-directory/develop/v1-protocols-oauth-code > <https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code> > > On Fri, Jan 4, 2019 at 8:39 AM Rifaat Shekh-Yusef <rifaat.ietf@gmail.com> > wrote: > >> All, >> >> As part of the write-up for the Resource Indicators document, we are >> looking for information about implementations for this document. >> https://datatracker.ietf.org/doc/draft-ietf-oauth-resource-indicators/ >> >> Please, let us know if you are aware of any implementation for this draft. >> >> Regards, >> Rifaat & Hannes >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited.. > If you have received this communication in error, please notify the sender > immediately by e-mail and delete the message and any file attachments from > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] Resource Indicators Implementations Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Resource Indicators Implementations Brian Campbell
- Re: [OAUTH-WG] Resource Indicators Implementations Filip Skokan
- Re: [OAUTH-WG] Resource Indicators Implementations Hannes Tschofenig