IETF Logo Mail Archive

[OAUTH-WG] Requesting mutliple scope, but user authorizes not all

Martin Ley <m.ley@tarent.de> Fri, 26 November 2010 08:40 UTC

Return-Path: <m.ley@tarent.de>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 990203A6A55 for <oauth@core3.amsl.com>; Fri, 26 Nov 2010 00:40:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.351
X-Spam-Level:
X-Spam-Status: No, score=0.351 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 52wgvNb0+zcz for <oauth@core3.amsl.com>; Fri, 26 Nov 2010 00:40:20 -0800 (PST)
Received: from ugs.tarent.de (gate.tarent.de [212.79.178.249]) by core3.amsl.com (Postfix) with ESMTP id 4F0DD3A69A6 for <oauth@ietf.org>; Fri, 26 Nov 2010 00:40:20 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by ugs.tarent.de (Postfix) with ESMTP id 366D140224BD1 for <oauth@ietf.org>; Fri, 26 Nov 2010 09:41:22 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by ugs.tarent.de (Postfix) with ESMTP id 2DF9240009994 for <oauth@ietf.org>; Fri, 26 Nov 2010 09:41:22 +0100 (CET)
X-Virus-Scanned: by amavisd-new-2.6.1 (20080629) (Debian) at tarent.de
Received: from ugs.tarent.de ([127.0.0.1]) by localhost (ugs.tarent.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pZ9V-APyuq9y for <oauth@ietf.org>; Fri, 26 Nov 2010 09:41:22 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by ugs.tarent.de (Postfix) with ESMTP id 1A9B440224BD1 for <oauth@ietf.org>; Fri, 26 Nov 2010 09:41:22 +0100 (CET)
Received: from http-v.fe.bosch.de (http-v.fe.bosch.de [194.39.218.10]) by ugs.tarent.de (Horde Framework) with HTTP; Fri, 26 Nov 2010 09:41:22 +0100
Message-ID: <20101126094122.53764oqlukyiow4y@ugs.tarent.de>
Date: Fri, 26 Nov 2010 09:41:22 +0100
From: Martin Ley <m.ley@tarent.de>
To: oauth@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; DelSp="Yes"; format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Dynamic Internet Messaging Program (DIMP) H3 (1.1.4)
Subject: [OAUTH-WG] Requesting mutliple scope, but user authorizes not all
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Nov 2010 08:43:28 -0000

Dear list,

perhaps I've overread it in the specification or it was not explicit  
about my required scenario:


The Web-Server-Flow is used. An application requests data about the  
user. The scopes are dateofbirth,isover18,address. Now the user is  
forwarded to the authorization server to identify and authenticate and  
give permissions to the applications. The user decides to give only  
permission for the isover18 scope but not dateofbirth and address.

How would the application be notified about the granted scopes and the  
not granted scopes?

Best regards

Martin


-- 
tarent Gesellschaft für Softwareentwicklung und IT-Beratung mbH
Geschäftsführer: Boris Esser, Elmar Geese
HRB AG Bonn 5168 - USt-ID (VAT): DE122264941

Heilsbachstraße 24, 53123 Bonn,   Telefon: +49 228 52675-0
Thiemannstraße 36a, 12059 Berlin, Telefon: +49 30 5682943-30
Internet: http://www.tarent.de/   Telefax: +49 228 52675-25

v2.23.0 | Report a Bug | By Email