+1 for moving this forward. 2016年1月21日木曜日、John Bradley<ve7...@ve7jtb.com>さんは書きました:
> Yes more is needed. It was theoretical at that point. Now we have > implementation experience. > > On Jan 20, 2016, at 3:38 PM, Brian Campbell <bcampb...@pingidentity.com > <javascript:_e(%7B%7D,'cvml','bcampb...@pingidentity.com');>> wrote: > > There is > https://tools.ietf.org/html/draft-wdenniss-oauth-native-apps-00#appendix-A > which has some mention of SFSafariViewController and Chrome Custom Tabs. > > Maybe more is needed? > > On Wed, Jan 20, 2016 at 10:45 AM, John Bradley <ve7...@ve7jtb.com > <javascript:_e(%7B%7D,'cvml','ve7...@ve7jtb.com');>> wrote: > >> Yes, in July we recommended using the system browser rather than >> WebViews. >> >> About that time Apple announced Safari view controller and Google Chrome >> custom tabs. The code in the OS is now stable and we have done a fair >> amount of testing. >> >> The OIDF will shortly be publishing reference libraries for iOS and >> Android to how how to best use View Controllers, and PKCE in native apps on >> those platforms. >> >> We do need to update this doc to reflect what we have learned in the last >> 6 months. >> >> One problem we do still have is not having someone with Win 10 mobile >> experience to help document the best practices for that platform. >> I don’t understand that platform well enough yet to include anything. >> >> John B. >> >> On Jan 20, 2016, at 12:40 PM, Aaron Parecki <aa...@parecki.com >> <javascript:_e(%7B%7D,'cvml','aa...@parecki.com');>> wrote: >> >> The section on embedded web views doesn't mention the new iOS 9 >> SFSafariViewController which allows apps to display a system browser within >> the application. The new API doesn't give the calling application access to >> anything inside the browser, so it is acceptable for using with OAuth >> flows. I think it's important to mention this new capability for apps to >> leverage since it leads to a better user experience. >> >> I'm sure that can be addressed in the coming months if this document is >> just the starting point. >> >> I definitely agree that a document about native apps is necessary since >> the core leaves a lot of guessing room for an implementation. >> >> For reference, >> https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html#//apple_ref/doc/uid/TP40016198-DontLinkElementID_26 >> >> And see the attached screenshot for an example of what it looks like. >> >> <embedded-oauth-view.png> >> >> ---- >> Aaron Parecki >> aaronparecki.com >> @aaronpk <http://twitter.com/aaronpk> >> >> >> On Tue, Jan 19, 2016 at 3:46 AM, Hannes Tschofenig < >> hannes.tschofe...@gmx.net >> <javascript:_e(%7B%7D,'cvml','hannes.tschofe...@gmx.net');>> wrote: >> >>> Hi all, >>> >>> this is the call for adoption of OAuth 2.0 for Native Apps, see >>> http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/ >>> >>> Please let us know by Feb 2nd whether you accept / object to the >>> adoption of this document as a starting point for work in the OAuth >>> working group. >>> >>> Note: If you already stated your opinion at the IETF meeting in Yokohama >>> then you don't need to re-state your opinion, if you want. >>> >>> The feedback at the Yokohama IETF meeting was the following: 16 persons >>> for doing the work / 0 persons against / 2 persons need more info >>> >>> Ciao >>> Hannes & Derek >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org <javascript:_e(%7B%7D,'cvml','OAuth@ietf.org');> >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <javascript:_e(%7B%7D,'cvml','OAuth@ietf.org');> >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <javascript:_e(%7B%7D,'cvml','OAuth@ietf.org');> >> https://www.ietf.org/mailman/listinfo/oauth >> >> > > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
