So technically, this is not a token endpoint, per OAuth 2.0, but an endpoint where you can get tokens using some other parameters and headers. This is perfectly fine, but is using a different design.
EHL > -----Original Message----- > From: Brian Eaton [mailto:bea...@google.com] > Sent: Wednesday, January 26, 2011 5:38 PM > To: Eran Hammer-Lahav > Cc: Torsten Lodderstedt; OAuth WG > Subject: Re: [OAUTH-WG] How to integrated DIGEST or SPNEGO with > tokensendpoint? > > On Wed, Jan 26, 2011 at 2:53 PM, Eran Hammer-Lahav > <e...@hueniverse.com> wrote: > > Can you share what the actual request looks on the wire? How are you > passing the Kerberos authentication in the request? What do you set the > grant type to? > > Most of this pre-dates grant type and the OAuth2 brand. =) > > From memory, the kerberos to access token swap looks like this: > > GET /some/token/endpoint?s=<scope>&g=<desired-ticket-attributes> > Authorization: Negotiate <stock-negotiate-kerberos-header-here> > > And the response includes a ticket that is basically an OAuth2 access token, > for the specified scope, with some additional metadata requested by the "g" > parameter. > > Cheers, > Brian _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
