draft-ietf-oauth-resource-indicators-04.txt   draft-ietf-oauth-resource-indicators-05.txt 
OAuth Working Group B. Campbell OAuth Working Group B. Campbell
Internet-Draft Ping Identity Internet-Draft Ping Identity
Intended status: Standards Track J. Bradley Intended status: Standards Track J. Bradley
Expires: January 22, 2020 Yubico Expires: January 24, 2020 Yubico
H. Tschofenig H. Tschofenig
Arm Limited Arm Limited
July 21, 2019 July 23, 2019
Resource Indicators for OAuth 2.0 Resource Indicators for OAuth 2.0
draft-ietf-oauth-resource-indicators-04 draft-ietf-oauth-resource-indicators-05
Abstract Abstract
An extension to the OAuth 2.0 Authorization Framework defining An extension to the OAuth 2.0 Authorization Framework defining
request parameters that enable a client to explicitly signal to an request parameters that enable a client to explicitly signal to an
authorization server about the identity of the protected resource(s) authorization server about the identity of the protected resource(s)
to which it is requesting access. to which it is requesting access.
Status of This Memo Status of This Memo
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 22, 2020. This Internet-Draft will expire on January 24, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 5, line 48 skipping to change at page 5, line 48
resources the client is going to access on her behalf, to meet policy resources the client is going to access on her behalf, to meet policy
decision (e.g. refuse the request due to unknown resources), and decision (e.g. refuse the request due to unknown resources), and
determine the set of resources that can be used in subsequent access determine the set of resources that can be used in subsequent access
token requests. token requests.
If the authorization server fails to parse the provided value(s) or If the authorization server fails to parse the provided value(s) or
does not consider the resource(s) acceptable, it should reject the does not consider the resource(s) acceptable, it should reject the
request with an error response using the error code "invalid_target" request with an error response using the error code "invalid_target"
as the value of the "error" parameter and can provide additional as the value of the "error" parameter and can provide additional
information regarding the reasons for the error using the information regarding the reasons for the error using the
"error_description" and/or "error_uri" parameters. "error_description".
An example of an authorization request where the client tells the An example of an authorization request where the client tells the
authorization server that it wants an access token for use at authorization server that it wants an access token for use at
"https://api.example.com/app/" is shown in Figure 1 below (extra line "https://api.example.com/app/" is shown in Figure 1 below (extra line
breaks and indentation are for display purposes only). breaks and indentation are for display purposes only).
GET /as/authorization.oauth2?response_type=token GET /as/authorization.oauth2?response_type=token
&client_id=example-client &client_id=example-client
&state=XzZaJlcwYew1u0QBrRv_Gw &state=XzZaJlcwYew1u0QBrRv_Gw
&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Eorg%2Fcb &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Eorg%2Fcb
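Review bot: In the -05 column of the "invalid_target" paragraph, removing 'and/or "error_uri" parameters' leaves the sentence ending 'using the "error_description".' with no noun after the quoted name. Suggest ending it 'using the "error_description" parameter.' so it stays parallel with 'the "error" parameter' earlier in the same sentence and still reads as naming a response parameter.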
skipping to change at page 12, line 11 skipping to change at page 12, line 11
Vittorio Bertocci, Sergey Beryozkin, Roman Danyliw, William Denniss, Vittorio Bertocci, Sergey Beryozkin, Roman Danyliw, William Denniss,
Vladimir Dzhuvinov, George Fletcher, Dick Hardt, Phil Hunt, Michael Vladimir Dzhuvinov, George Fletcher, Dick Hardt, Phil Hunt, Michael
Jones, Torsten Lodderstedt, Anthony Nadalin, Justin Richer, Nat Jones, Torsten Lodderstedt, Anthony Nadalin, Justin Richer, Nat
Sakimura, Rifaat Shekh-Yusef, Filip Skokan, and Hans Zandbelt. Sakimura, Rifaat Shekh-Yusef, Filip Skokan, and Hans Zandbelt.
Appendix B. Document History Appendix B. Document History
[[ to be removed by the RFC Editor before publication as an RFC ]] [[ to be removed by the RFC Editor before publication as an RFC ]]
draft-ietf-oauth-resource-indicators-05
o Remove specific mention of error_uri, which is rarely (if ever)
used and seems to only confuse things for readers of extensions
like this one.
draft-ietf-oauth-resource-indicators-04 draft-ietf-oauth-resource-indicators-04
o Editorial updates from AD review that were overlooked in -03. o Editorial updates from AD review that were overlooked in -03.
draft-ietf-oauth-resource-indicators-03 draft-ietf-oauth-resource-indicators-03
o Editorial updates from AD review. o Editorial updates from AD review.
o Update draft-ietf-oauth-jwsreq ref to -19. o Update draft-ietf-oauth-jwsreq ref to -19.
o Update the IANA requests to say they update the registries. o Update the IANA requests to say they update the registries.
skipping to change at page 12, line 44 skipping to change at page 13, line 4
functionality. functionality.
o Allow the "resource" parameter value to have a query component o Allow the "resource" parameter value to have a query component
(aligning with draft-ietf-oauth-token-exchange). (aligning with draft-ietf-oauth-token-exchange).
o Moved the Security Considerations section to before the IANA o Moved the Security Considerations section to before the IANA
Considerations. Considerations.
o Other editorial updates. o Other editorial updates.
o Rework the Acknowledgements section. o Rework the Acknowledgements section.
o Use RFC 8174 boilerplate. o Use RFC 8174 boilerplate.
draft-ietf-oauth-resource-indicators-00 draft-ietf-oauth-resource-indicators-00
o First version of the working group document. A replica of draft- o First version of the working group document. A replica of draft-
campbell-oauth-resource-indicators-02. campbell-oauth-resource-indicators-02.
draft-campbell-oauth-resource-indicators-02 draft-campbell-oauth-resource-indicators-02
o No changes. o No changes.
draft-campbell-oauth-resource-indicators-01
o Move Hannes Tschofenig, who wrote https://tools.ietf.org/html/ o Move Hannes Tschofenig, who wrote https://tools.ietf.org/html/
draft-tschofenig-oauth-audience in '13, from Acknowledgements to draft-tschofenig-oauth-audience in '13, from Acknowledgements to
Authors. Authors.
o Added IANA Considerations to register the "resource" parameter and o Added IANA Considerations to register the "resource" parameter and
"invalid_resource" error code. "invalid_resource" error code.
draft-campbell-oauth-resource-indicators-00 draft-campbell-oauth-resource-indicators-00
o Initial draft to define a resource parameter for OAuth 2.0. o Initial draft to define a resource parameter for OAuth 2.0.
 End of changes. 8 change blocks. 
6 lines changed or deleted 13 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/