[Openid-specs-ab] Uses of Authorization: Basic in the specs

Justin Richer jricher at mitre.org
Wed Nov 16 14:24:22 UTC 2011


I'd rather keep Connect parallel with the examples in OAuth2. I think
we're going to see more uses of the query/form parameters for client
auth than other methods, personally.

 - Justin

On Wed, 2011-11-16 at 02:39 +0000, Anthony Nadalin wrote:
> There is also the assertion specification that adds an alternative; I
> would think that OpenID Connect can just use the methods outlined in
> the assertions spec.
> 
> From: openid-specs-ab-bounces at lists.openid.net
> [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of John
> Bradley
> Sent: Tuesday, November 15, 2011 2:22 PM
> To: Mike Jones
> Cc: openid-specs-ab at lists.openid.net
> Subject: Re: [Openid-specs-ab] Uses of Authorization: Basic in the
> specs
> 
> This is the token endpoint.
> 
> The options are including the password in the body, or basic.
> 
> We have an extension authentication method we defined.
> 
> BASIC is the thing most OAuth libraries support.
> 
> Are you referring to our extension authentication method as Bearer?
> 
> John
> 
> On 2011-11-15, at 7:43 AM, Mike Jones wrote:
> 
> Standard contains this example:
> 
> POST /token HTTP/1.1
> Host: server.example.com
> Content-Type: application/x-www-form-urlencoded
> Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
> 
> grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA
> &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
> 
> Is Basic a best practice we want to use as an example in the specs, or
> would Bearer be better?
> 
> This also appears in Session:
> 
> POST /token HTTP/1.1
> Host: server.example.com
> Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
> Content-Type: application/x-www-form-urlencoded
> 
> grant_type=authorization_code&client_id=s6BhdRkqt3&
> code=i1WsRn1uB1&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb
> 
>                                                             -- Mike
> 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
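
Added example, not part of the thread or of any spec text: Python showing how a token endpoint could accept either client authentication option discussed above (HTTP Basic, or credentials in the form body) and refuse a request that carries both. The function, exception and constant names are hypothetical; the header and body are the Session example quoted above, and `client_secret` is the OAuth 2.0 body parameter name.

```python
import base64
import binascii
from urllib.parse import parse_qs, unquote_plus

# Header and body copied from the Session example quoted in the thread.
PAGE_HEADERS = {"Authorization": "Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW"}
PAGE_BODY = ("grant_type=authorization_code&client_id=s6BhdRkqt3&"
             "code=i1WsRn1uB1&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb")


class ClientAuthError(Exception):
    """Client credentials are missing, malformed or ambiguous."""


def extract_client_credentials(headers, body):
    """Return (method, client_id, client_secret) for one token request."""
    form = parse_qs(body, keep_blank_values=True)
    authz = next((v for k, v in headers.items() if k.lower() == "authorization"), None)
    body_secret = form.get("client_secret")
    if authz is not None and body_secret is not None:
        # RFC 6749 section 2.3: only one authentication method per request.
        raise ClientAuthError("more than one client authentication method")
    if authz is not None:
        scheme, _, token = authz.partition(" ")
        if scheme.lower() != "basic":
            raise ClientAuthError("unsupported Authorization scheme")
        try:
            decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise ClientAuthError("malformed Basic credentials") from exc
        client_id, sep, secret = decoded.partition(":")
        if not sep or not client_id:
            raise ClientAuthError("Basic credentials lack id or separator")
        # RFC 6749 section 2.3.1: both halves are form-urlencoded before base64.
        client_id, secret = unquote_plus(client_id), unquote_plus(secret)
        # A client_id repeated in the body must name the same client.
        if form.get("client_id", [client_id]) != [client_id]:
            raise ClientAuthError("client_id in body does not match header")
        return "basic", client_id, secret
    if body_secret is not None:
        ids = form.get("client_id", [])
        if len(ids) != 1 or len(body_secret) != 1:
            raise ClientAuthError("duplicate or missing body credentials")
        return "post", ids[0], body_secret[0]
    raise ClientAuthError("no client credentials presented")


if __name__ == "__main__":
    print(extract_client_credentials(PAGE_HEADERS, PAGE_BODY))
```

The returned secret should be checked against the stored value with a constant-time comparison such as `hmac.compare_digest`.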