tag:blogger.com,1999:blog-12447072.post2377505280271746174..comments2024-02-13T08:56:52.521-05:00Comments on ConnectID: Another angle on OAuth & ID-WSFPaul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-12447072.post-46137199896924878952008-10-03T19:26:00.000-04:002008-10-03T19:26:00.000-04:00In addition the standard OAuth flow allows for the...In addition the standard OAuth flow allows for the SP/WSC to try and get the attribute from the SP in an "un-authorized" state. If the resource requires authorization, the SP sends back a HTTP 401 and requests authorization (section 5.4.2 of the core spec).George Fletcherhttps://www.blogger.com/profile/12081110172957645007noreply@blogger.comtag:blogger.com,1999:blog-12447072.post-34316784347231680042008-10-03T14:52:00.000-04:002008-10-03T14:52:00.000-04:00Hi Paul,yes - there is a work in progress to conve...Hi Paul,<BR/><BR/>yes - there is a work in progress to convert this into a real spec (http://oauth.googlecode.com/svn/spec/ext/session/1.0/drafts/1/spec.html) but at this time the wiki page (http://wiki.oauth.net/ScalableOAuth) is more easy to read and understand.<BR/><BR/>thanks<BR/>PraveenPraveenhttps://www.blogger.com/profile/10778095038892167017noreply@blogger.comtag:blogger.com,1999:blog-12447072.post-46061188674768158972008-10-03T12:26:00.000-04:002008-10-03T12:26:00.000-04:00Hi Praveen, I hadnt looked at it in detail, but I ...Hi Praveen, I hadnt looked at it in detail, but I was aware of it. I referred to it in the original doc as <BR/><BR/>"New functionality for token management (e.g. Renew, revoke, etc) is work in progress"<BR/><BR/>I'll add a link in the paper (if you agree that this is an accurate description?)<BR/><BR/>thanks<BR/><BR/>paulPaul Madsenhttps://www.blogger.com/profile/08489111023182783403noreply@blogger.comtag:blogger.com,1999:blog-12447072.post-61682960459486642592008-10-03T12:12:00.000-04:002008-10-03T12:12:00.000-04:00Have you looked at the proposed ScalableOAuth Exte...Have you looked at the proposed ScalableOAuth Extension ?<BR/><BR/>http://wiki.oauth.net/ScalableOAuth<BR/><BR/>in particular the additional authorization flow.Praveenhttps://www.blogger.com/profile/10778095038892167017noreply@blogger.com