IETF Logo Mail Archive

Re: [OAUTH-WG] Resource Indicators Implementations

Filip Skokan <panva.ip@gmail.com> Mon, 07 January 2019 17:59 UTC

Return-Path: <panva.ip@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C6C3130FD0 for <oauth@ietfa.amsl.com>; Mon, 7 Jan 2019 09:59:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9c7anPMXE1h6 for <oauth@ietfa.amsl.com>; Mon, 7 Jan 2019 09:59:32 -0800 (PST)
Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EE1F12870E for <oauth@ietf.org>; Mon, 7 Jan 2019 09:59:32 -0800 (PST)
Received: by mail-ot1-x32e.google.com with SMTP id 32so1080060ota.12 for <oauth@ietf.org>; Mon, 07 Jan 2019 09:59:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rbzcr6EwIYe7ty2pScF2p7e4TrJk4AzOOPDXruTtNik=; b=mj+XEwvgSblCvoOMqgTdfVQZY7I4u7X3L015z6GAdQkbwjfT4PSf7vL8L/i0yh02go Qzf6Th/niRpcKa/QMzs86dofaKv99tYKpY7V01blZNGjzkaZucE0b+lvxdInNXnYpeGo QcgqNSVwv2L+5hvJr5SdfgBUxwI8FtymY/8DeLTJxCZ+i71Niwnmgpc4of1j31HSKsmM 1qI5K5PSLpIxEfO3I49SsftA8G9klSrrWU4LX05Y9mwDOFw+GmUsQb0abaL8Nh9IxLxr FOH1vMb1v1CC60qhuBCAzX/Tfi151Wx6AngZusyV2Jl9ExrWO9ht/7QHAwHX49TSXZAN jjTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rbzcr6EwIYe7ty2pScF2p7e4TrJk4AzOOPDXruTtNik=; b=VFANXjKI2A2GZlyX7OapzkK0fY9BrekMDMjajsLCLdceNbv9zHseqz8UyoAAlXFWuc tes8MQtNQfkwmznXS5Pg+yDq4wqieX8EZ/zX2SftlrMEh85kQvpyrdx28vZIjp2UFXgz tvK28vv0ZkWhi+O5jOiZxsDVQi5ZkG2WQhjcarwm32y60okp0pJ6OT/qsi0mZs4RQXz5 GZI8QGlsDAE+4NwSY/mEWUKGSXnF4oTuXaHOjMlKTlH9trmuTTYotA/ew3oleIZzwyIv tTJu/OIxM2Fu32oIkbto3YwjTGwbdldXyhUvP/1ykHC7lnYHhQE55j3R23iz6eXBWxvF RN+A==
X-Gm-Message-State: AJcUukeQYFx8172G0BudEFWTJtg+33VidTYEboVGrhQJmJon12HbFWmd oORLVO/pv4vJqTvXI0BuJjAcDZGhSC2mkBGXyQ==
X-Google-Smtp-Source: ALg8bN5fvl+VkU8DT//WhVbsuirFHYlok36b6Fp2AwfTGCdmUpvdcEvh7xZrdkme6U8SRl4z04ekgfZNlPMo8anH/8c=
X-Received: by 2002:a9d:7097:: with SMTP id l23mr41335920otj.49.1546883971748; Mon, 07 Jan 2019 09:59:31 -0800 (PST)
MIME-Version: 1.0
References: <CAGL6ep+tMj0BpS5XPQwSdRymZDm3UgShhzTcQ3XRK-21T+X5Yg@mail.gmail.com> <CA+k3eCSaguUWNO8530xe=MeR7EbF2EvDv_kFO-U2kTUcSesKRQ@mail.gmail.com>
In-Reply-To: <CA+k3eCSaguUWNO8530xe=MeR7EbF2EvDv_kFO-U2kTUcSesKRQ@mail.gmail.com>
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 07 Jan 2019 18:59:20 +0100
Message-ID: <CALAqi_-55NTF14bGh0YxMT5whTJBuqLzFMJgbgctJN9uZfJqiA@mail.gmail.com>
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Cc: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a546cb057ee1fd32"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/_RMYXGqb81FLoj9rwY116G9l_kA>
Subject: Re: [OAUTH-WG] Resource Indicators Implementations
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jan 2019 17:59:35 -0000

OSS https://github.com/panva/node-oidc-provider has the latest draft
implemented.

and similar to Ping, Auth0 also has a different named parameter
('audience') that works within the Resource Indicators draft boundaries.

Best,
*Filip*


On Mon, Jan 7, 2019 at 6:48 PM Brian Campbell <bcampbell=
40pingidentity.com@dmarc.ietf.org> wrote:

> Ping has an implementation that was done years ago but using a different
> parameter name (see 'aud' at
> https://documentation.pingidentity.com/pingfederate/pf92/index.shtml#adminGuide/tokenEndpoint.html
> for one example). So it's not this exact draft per se but is conceptually
> the same. And problems encountered using 'aud' as the name helped inform
> the direction of the draft. So it's very much related and running code and
> all that.
>
> My understanding is that Microsoft has an implementation. I'm no authority
> on their stuff but, for example, you can see usage of the parameter in this
> documentation of the code flow:
> https://docs.microsoft..com/en-us/azure/active-directory/develop/v1-protocols-oauth-code
> <https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code>
>
> On Fri, Jan 4, 2019 at 8:39 AM Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
> wrote:
>
>> All,
>>
>> As part of the write-up for the Resource Indicators document, we are
>> looking for information about implementations for this document.
>> https://datatracker.ietf.org/doc/draft-ietf-oauth-resource-indicators/
>>
>> Please, let us know if you are aware of any implementation for this draft.
>>
>> Regards,
>>  Rifaat & Hannes
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited..
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*_______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

v2.23.0 | Report a Bug | By Email