[OAUTH-WG] Best-Practice for dealing with OAuth 2.0 Token expiration at the Consumer

Please give me feedback if I got anything wrong, or if you have comments. https://rnd.feide.no/2012/04/19/best-practice-for-dealing-with-oauth-2-0-token-expiration-at-the-consumer/ Kind regards, Andreas Åkre Solberg UNINETT smime.p7s Description: S/MIME cryptographic signature

[OAUTH-WG] New OAuth 2.0 Javascript library

cript for more control of the user interface. Feedback is welcome. Andreas Åkre Solberg, UNINETT AS http://rnd.feide.no ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Seeking Clarification: Potential Ambiguity in Specification

Den 20. jan. 2012 kl. 21:32 skrev Eran Hammer: > New text added to Access Token Scope section: > > If the client omits the scope parameter when requesting > authorization, the authorization > server MUST process the request using a pre-defined default value, > or fail the r

Re: [OAUTH-WG] Detecting revoked token in OAuth 2.0 client libraries

Den 9. jan.2012 kl. 17:35 skrev Torsten Lodderstedt: > Hi, > > an invalid token should cause the server to reply with status code 401. Thanks for the tip, both of you. Andreas___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinf

[OAUTH-WG] Detecting revoked token in OAuth 2.0 client libraries

Hi, I'm trying to do an OAuth 2.0 library, and got a question: I cannot find a standardized way for an OAuth protected endpoint to report to the client that the Token is not valid (expired or revoked). As a library developer, I'd like to take away as much of possible of the OAuth logic from th