Re: [OAUTH-WG] draft-richer-oauth-introspection-01 scope syntax

Mike Jones <Michael.Jones@microsoft.com> Wed, 30 January 2013 22:31 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E885721F87E4 for <oauth@ietfa.amsl.com>; Wed, 30 Jan 2013 14:31:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h8ay7weHx8AE for <oauth@ietfa.amsl.com>; Wed, 30 Jan 2013 14:31:39 -0800 (PST)
Received: from na01-bl2-obe.outbound.protection.outlook.com (na01-bl2-obe.ptr.protection.outlook.com [65.55.169.24]) by ietfa.amsl.com (Postfix) with ESMTP id D5EAD21F8521 for <oauth@ietf.org>; Wed, 30 Jan 2013 14:31:38 -0800 (PST)
Received: from BY2FFO11FD006.protection.gbl (10.1.15.201) by BY2FFO11HUB033.protection.gbl (10.1.14.117) with Microsoft SMTP Server (TLS) id 15.0.596.13; Wed, 30 Jan 2013 22:31:29 +0000
Received: from TK5EX14HUBC105.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD006.mail.protection.outlook.com (10.1.14.127) with Microsoft SMTP Server (TLS) id 15.0.596.13 via Frontend Transport; Wed, 30 Jan 2013 22:31:29 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.132]) by TK5EX14HUBC105.redmond.corp.microsoft.com ([157.54.80.48]) with mapi id 14.02.0318.003; Wed, 30 Jan 2013 22:31:02 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Justin Richer <jricher@mitre.org>, Todd W Lainhart <lainhart@us.ibm.com>
Thread-Topic: [OAUTH-WG] draft-richer-oauth-introspection-01 scope syntax
Thread-Index: AQHN/zkLX95KBUoPG0yqjs/GXlBtLZhidAiAgAAAcsA=
Date: Wed, 30 Jan 2013 22:31:01 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943673EC70B@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <OF3031393A.750F4AB2-ON85257B03.007AD84B-85257B03.007B56E7@us.ibm.com> <51099EBD.5050204@mitre.org>
In-Reply-To: <51099EBD.5050204@mitre.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.76]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943673EC70BTK5EX14MBXC284r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(479174001)(24454001)(377454001)(189002)(199002)(63696002)(16406001)(49866001)(47976001)(512954001)(74502001)(550184003)(56816002)(44976002)(53806001)(55846006)(54356001)(5343655001)(47736001)(16236675001)(50986001)(33656001)(76482001)(77982001)(4396001)(15202345001)(20776003)(47446002)(59766001)(51856001)(74662001)(46102001)(54316002)(31966008)(5343635001)(56776001)(79102001); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB033; H:TK5EX14HUBC105.redmond.corp.microsoft.com; RD:; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0742443479
Cc: IETF oauth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] draft-richer-oauth-introspection-01 scope syntax
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Jan 2013 22:31:40 -0000

Let JSON do the parsing for you

From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Justin Richer
Sent: Wednesday, January 30, 2013 2:29 PM
To: Todd W Lainhart
Cc: IETF oauth WG
Subject: Re: [OAUTH-WG] draft-richer-oauth-introspection-01 scope syntax

It's not meant to follow the same syntax. Instead, it's making use of the JSON object structure to avoid additional parsing of the values on the client side.

We could fairly easily define it as the same space-delimited string if enough people want to keep the scope format consistent.

 -- Justin
On 01/30/2013 05:27 PM, Todd W Lainhart wrote:
That the scope syntax in draft-richer-oauth-introspection-01 is different than RFC 6749 Section 3.3, as in:


   "scope": ["read", "write", "dolphin"],

vs.

  scope = scope-token *( SP scope-token )
     scope-token = 1*( %x21 / %x23-5B / %x5D-7E )

Should introspection-01 follow the 6749 syntax for scopes?






_______________________________________________

OAuth mailing list

OAuth@ietf.org<mailto:OAuth@ietf.org>

https://www.ietf.org/mailman/listinfo/oauth