IETF Logo Mail Archive

[OAUTH-WG] Issue token for another user

David Fox <david@davidjfox.com> Mon, 12 March 2012 02:11 UTC

Return-Path: <david@davidjfox.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58BCF21F8610 for <oauth@ietfa.amsl.com>; Sun, 11 Mar 2012 19:11:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sVlDzfmhr5ru for <oauth@ietfa.amsl.com>; Sun, 11 Mar 2012 19:11:00 -0700 (PDT)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id C6C8121F8637 for <oauth@ietf.org>; Sun, 11 Mar 2012 19:11:00 -0700 (PDT)
Received: by ggmi1 with SMTP id i1so2376150ggm.31 for <oauth@ietf.org>; Sun, 11 Mar 2012 19:10:59 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:x-gm-message-state; bh=YjUWQa9VlYLnJ4xIXQf2wrL7Z4h6CpjHae3iZ1fMgZg=; b=j5173y0XHe6oF55OIdABiko3YeYkgI+YKTWMRgz2Yb2zGpBX/nQ+1dSNdzOVfzvRFQ qosHdlf2JS/SuyIH3hzExEzVqdCqvMoxQ+YypV2T8a+0xAeCZGXLgUVESnlFgsV9bsO0 /642mB2r4Jv638yikU7IqCDUbZXO/K9q9FPEkisod5l8bmmElOvOAxYAE/SzZ7vSEeXe qCR2DVBIvWpwXMbPj85W7TvxmGDZ7ovAFxkhPOVgSObSfErYEt9VfzOZx4yXlW744LI3 FtweBf0Z9+pE8HpWku6tIt7evH1eEXsiXWIhknQqIExsei33y7kqRWi1tS1UBN2NCRpJ gqUQ==
Received: by 10.60.8.103 with SMTP id q7mr954289oea.61.1331518259618; Sun, 11 Mar 2012 19:10:59 -0700 (PDT)
Received: from [192.168.0.195] (c-24-14-127-202.hsd1.il.comcast.net. [24.14.127.202]) by mx.google.com with ESMTPS id b6sm17967520obe.12.2012.03.11.19.10.58 (version=SSLv3 cipher=OTHER); Sun, 11 Mar 2012 19:10:58 -0700 (PDT)
Message-ID: <4F5D5B32.6090604@davidjfox.com>
Date: Sun, 11 Mar 2012 21:10:58 -0500
From: David Fox <david@davidjfox.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: 'OAuth WG' <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="------------080003060604020606070900"
X-Gm-Message-State: ALoCoQmTyiPDglVeUAreIaraWP5JiWMjHiyosbsXWADsTjb4gyDDp3XvRpPPfBuzlso6WPH8kxY+
Subject: [OAUTH-WG] Issue token for another user
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2012 02:11:02 -0000

http://tools.ietf.org/html/draft-zeltsan-oauth-use-cases-02#section-3.8

In order to achieve the use case above, how would the client (a.k.a the 
resource owner in this case) specify which user to authorize?

Would the correct approach be to make a request to the Authorization 
Server with the grant type set to "client_credentials" and set the scope 
to user=user_id (where user_id would be the identifier for the user Bob)?

-David
<http://tools.ietf.org/html/draft-zeltsan-oauth-use-cases-02#section-3.8>

v2.23.0 | Report a Bug | By Email