Does OAuth 2 define the fixed path? I was thinking /authorize was just an example...<div><br></div><div>=nat<br><br><div class="gmail_quote">On Sat, Jul 2, 2011 at 9:21 AM, George Fletcher <span dir="ltr"><<a href="mailto:gffletch@aol.com">gffletch@aol.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><u></u>
<div bgcolor="#ffffff" text="#000000">
<font face="Helvetica, Arial, sans-serif">Hi John,<br>
<br>
I'm fine with the discovery spec defining the endpoints.. I was
thinking specifically of something like /userinfo, like the OAuth2
spec defines /authorize and /token path portions of the endpoint.
Do we want that part variable on an implementation by
implementation basis?<br>
<br>
Thanks,<br>
George<br>
</font><div><div></div><div class="h5"><br>
On 7/1/11 6:39 PM, John Bradley wrote:
<blockquote type="cite">I think it is better to leave the path to the IdP.
The discovery document for the IdP will list the endpoint URL.
<div><br>
</div>
<div>I would not assume that the host is necessarily the same as
the token or other endpoints.</div>
<div><br>
</div>
<div>John B.<br>
<div>
<div>On 2011-07-01, at 6:28 PM, George Fletcher wrote:</div>
<br>
<blockquote type="cite">
<div bgcolor="#ffffff" text="#000000"> <font face="Helvetica, Arial, sans-serif">Hi,<br>
<br>
I updated the text regarding the UserInfo request to say
that it is an OAuth2 protected resource supporting the
Bearer Token spec. I also changed the SHOULD to a MUST
in the response text requiring the JSON object to
compile with the specified schema if the schema
parameter requests "openid". Also did some clean ups in
the referenced specs information.<br>
<br>
One thing I just noticed is that we don't specify the
path of the UserInfo endpoint. Do we want to do so?<br>
<br>
Thanks,<br>
George</font> </div>
<span><openid-connect-userinfo-1_0.html></span>_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div></div><pre cols="72">--
Chief Architect AIM: gffletch
Identity Services Engineering Work: <a href="mailto:george.fletcher@teamaol.com" target="_blank">george.fletcher@teamaol.com</a>
AOL Inc. Home: <a href="mailto:gffletch@aol.com" target="_blank">gffletch@aol.com</a>
Mobile: <a href="tel:%2B1-703-462-3494" value="+17034623494" target="_blank">+1-703-462-3494</a> Blog: <a href="http://practicalid.blogspot.com" target="_blank">http://practicalid.blogspot.com</a>
Office: <a href="tel:%2B1-703-265-2544" value="+17032652544" target="_blank">+1-703-265-2544</a> Twitter: <a href="http://twitter.com/gffletch" target="_blank">http://twitter.com/gffletch</a>
</pre>
</div>
<br>_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br><a href="http://twitter.com/_nat_en">http://twitter.com/_nat_en</a><br>
</div>