Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-resource-indicators-00.txt: Error code on failure to parse resource URI

Wed, 22 Aug 2018 12:24:11 -0700 

Hi Brian,

>       If the
>       authorization server fails to parse the provided value or does not
>       consider the resource server acceptable, it MUST reject the
>       request and provide an error response with the error code
>       "invalid_resource".

If the resource parameter is not an absolute URI, i.e. parsing of the
value fails, wouldn't the existing general "invalid_request" error code
be more appropriate?

https://tools.ietf.org/html/rfc6749#section-4.1.2.1

>          invalid_request
>                The request is missing a required parameter, includes an
>                invalid parameter value, includes a parameter more than
>                once, or is otherwise malformed.

Vladimir


On 04/08/18 06:39, internet-dra...@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the Web Authorization Protocol WG of the IETF.
>
>         Title           : Resource Indicators for OAuth 2.0
>         Authors         : Brian Campbell
>                           John Bradley
>                           Hannes Tschofenig
>       Filename        : draft-ietf-oauth-resource-indicators-00.txt
>       Pages           : 8
>       Date            : 2018-08-03
>
> Abstract:
>    This straw-man specification defines an extension to The OAuth 2.0
>    Authorization Framework that enables the client and authorization
>    server to more explicitly to communicate about the protected
>    resource(s) to be accessed.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-resource-indicators/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-oauth-resource-indicators-00
> https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-indicators-00
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to