IETF 94 Yokohama OAuth WG Meeting: OAuth Meta


IETF 94 Yokohama OAuth WG Meeting
OAuth Meta
https://tools.ietf.org/html/draft-sakimura-oauth-meta-05
2015-11-05
Nat Sakimura, Nomura Research Institute

In a nutshell

• Discover the first endpoint (Authz Endpoint), then you can follow the subsequent ones through “hyper-links”, a.k.a. HATEOAS
• Follows RFC 5988 Web Linking
  o But 302 redirect cannot use HTTP response header … so we introduce query parameters as well.
• New parameters (rels)
  o turi – Token Endpoint URI
  o ruri – Resource Endpoint URI
  o duri – Discovery Endpoint URI
    ▪ Potentially with a hash of the discovery document attached.
• Authz EP returns them as query parameters
• Token EP returns them according to RFC 5988

© 2014 by Nomura Research Institute. All rights reserved.

Authz EP Response Example

    HTTP/1.1 302 Found
    Location: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&turi=https%3A%2F%2Fexample.com%2Ftoken&duri=https%3A%2F%2Fexample.com%2Fdisco&state=xyz

Token EP Response Example

    HTTP/1.1 200 OK
    Link: <https://example.com/userinfo>; rel="ruri",
          <https://example.com/disco>; rel="duri"
    Content-Type: application/JSON; charset=utf-8

    {
      "access_token": "aCeSsToKen"
    }
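Added example (not from the slides or the draft): a client-side sketch that reads the endpoint metadata from both responses shown above, the query parameters on the Authz EP redirect and the RFC 5988 Link header on the Token EP response. The function names, the https-only check and the rejection of repeated values are assumptions of this example; the inputs are constructed to mirror the two slide examples.

```python
import re
from urllib.parse import parse_qs, urlsplit

META_RELS = {"turi", "ruri", "duri"}  # parameter / rel names used on the slides

def https_only(uri):
    # Assumption (not on the slides): only absolute https endpoints are followed.
    parts = urlsplit(uri)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError(f"refusing non-https endpoint: {uri!r}")
    return uri

def meta_from_redirect(location):
    """Read turi/ruri/duri from the Authz EP 302 Location query string."""
    query = parse_qs(urlsplit(location).query, strict_parsing=True)
    found = {}
    for name in META_RELS.intersection(query):
        if len(query[name]) != 1:  # assumption: a repeated parameter is rejected
            raise ValueError(f"parameter {name!r} repeated")
        found[name] = https_only(query[name][0])  # parse_qs already percent-decoded it
    return found

# <target> followed by its ;name=value parameters; quoted values are consumed whole
_LINK = re.compile(r'<([^>]*)>((?:\s*;\s*[\w*-]+\s*=\s*(?:"[^"]*"|[^",;\s]+))*)')
_PARAM = re.compile(r';\s*([\w*-]+)\s*=\s*(?:"([^"]*)"|([^",;\s]+))')

def meta_from_link_header(value):
    """Read turi/ruri/duri relations from a Token EP Link header (RFC 5988)."""
    found = {}
    for target, params in _LINK.findall(value):
        # Only the first rel parameter of a link-value counts.
        rel = next((q or u for n, q, u in _PARAM.findall(params) if n.lower() == "rel"), "")
        for rel_type in rel.split():  # rel may carry several space-separated types
            if rel_type in META_RELS:
                if rel_type in found:  # assumption: a repeated relation is rejected
                    raise ValueError(f"relation {rel_type!r} repeated")
                found[rel_type] = https_only(target)
    return found

# Constructed inputs mirroring the two slide examples.
LOCATION = ("https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA"
            "&turi=https%3A%2F%2Fexample.com%2Ftoken"
            "&duri=https%3A%2F%2Fexample.com%2Fdisco&state=xyz")
LINK = ('<https://example.com/userinfo>; rel="ruri", '
        '<https://example.com/disco>; rel="duri"')

if __name__ == "__main__":
    print(meta_from_redirect(LOCATION))
    print(meta_from_link_header(LINK))
```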

IANA Considerations - Link Type Registration

• Pursuant to [RFC 5988], the following link type registrations [[will be]] registered by mail to link-relations@ietf.org.
  o Relation Name: turl
  o Description: An OAuth 2.0 Token Endpoint specified in section 3.2 of [RFC 6749].
  o Reference: This specification

  o Relation Name: rurl
  o Description: An OAuth 2.0 Resource Endpoint specified in section 3.2 of [RFC 6750].
  o Reference: This specification

  o Relation Name: durl
  o Description: An OAuth 2.0 Discovery Endpoint specified in [[discovery spec]].
  o Reference: This specification

Just 1.5 pages! After removing templated text