+1 for moving immediate here as well.
On Thu, Jun 10, 2010 at 4:18 PM, Eran Hammer-Lahav <e...@hueniverse.com> wrote: > Since these are all extensions to the end-user endpoint, I'd suggest we move > the 'immediate' parameter here as well. > > <t hangText='immediate'> > <vspace /> > OPTIONAL. The parameter value must be set to <spanx > style='verb'>true</spanx> or > <spanx style='verb'>false</spanx>. If set to > <spanx style='verb'>true</spanx>, the authorization server > MUST NOT prompt the > end-user to authenticate or approve access. Instead, the > authorization server > attempts to establish the end-user's identity via other means > (e.g. browser > cookies) and checks if the end-user has previously approved an > identical access > request by the same client and if that access grant is still > active. If the > authorization server does not support an immediate check or if > it is unable to > establish the end-user's identity or approval status, it MUST > deny the request > without prompting the end-user. Defaults to <spanx > style='verb'>false</spanx> if > omitted. > </t> > EHL > >> -----Original Message----- >> From: David Recordon [mailto:record...@gmail.com] >> Sent: Wednesday, June 09, 2010 12:06 PM >> To: Eran Hammer-Lahav; Allen Tom; Breno de Medeiros; Luke Shepard >> Cc: OAuth WG >> Subject: Re: [OAUTH-WG] A display parameter for user authorization >> requests >> >> First draft of the UX Extension is at >> http://github.com/daveman692/OAuth-2.0/raw/master/draft-recordon- >> oauth-v2-ux-00.txt. >> >> Eran, I'm more than happy to have you take over as editor. >> >> I included Allen and Breno as authors since I followed Allen's suggestion and >> adopted the language preference parameter from the OpenID extension. I >> also included Luke as an author since he wrote the first pass of a display >> parameter. That said, none of them have seen this draft yet. >> >> --David >> >> >> On Tue, Apr 13, 2010 at 12:36 PM, Allen Tom <a...@yahoo-inc.com> wrote: >> > At least with regards to the language preference, how about if we just >> > copy the openid.ui.lang parameter from the OpenID UI Extension? >> > >> > http://svn.openid.net/repos/specifications/user_interface/1.0/trunk/op >> > enid-user-interface-extension-1_0.html#anchor3 >> > >> > In flows in which the client redirects the user's web browser to >> > authorize access, the client MAY send the Authorization Server a hint >> > regarding the user's preferred language by sending the following >> parameter: >> > >> > lang >> > The user's preferred languages as a [BCP 47] language priority >> > list, represented as a comma-separated list of BCP 47 basic language >> > ranges in decending priority order. For instance, the value >> > "fr-CA,fr-FR,en- >> CA" >> > represents the preference for French spoken in Canada, French spoken >> > in France, followed by English spoken in Canada. >> > >> > The language preference hint SHOULD take precedence over the >> > Accept-Language HTTP header sent by the user's browser, and SHOULD >> > take precedence over the language preference inferred by the user's IP >> Address. >> > >> > BCP 47: http://tools.ietf.org/html/bcp47 >> > >> > Allen >> > >> > >> > On 4/12/10 1:32 PM, "Eran Hammer-Lahav" <e...@hueniverse.com> >> wrote: >> > >> > Between language preferences, display configuration, and immediate >> > check, I think it might be worth to move that work to another draft. >> > Timeline-wise, this has the potential of slowing us down. I also fear >> > getting what is now a pretty simple spec much more complicated. >> > >> > Anyone cares to try a first draft or outline? I can do the editorial >> > work if needed, but someone needs to write something first. >> > >> > EHL >> > >> > >> > >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth >> > >> > > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
