OAuth 2 MAC tokens 01 #29
Comments
|
I'm interested in having a library that works with the 01 MAC tokens. The current code for 00 tokens doesn't really work:
Do you think it's useful to keep the 00 code and perhaps try to fix it? If I want to add 01 support, should I keep both? |
|
I noticed you added support for both, let's keep it that way until there is some more progress on the draft and then follow the latest draft. As far as I know none is currently working on the draft as they are lacking clear use cases for when to use MAC tokens. If you happen to have one I'm sure they would be very interested to hear about it =) |
|
Seem to be some progress on MAC tokens http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-03, will keep an eye on it. |
|
Annoyingly enough, there's a random webservice (smsglobal.com) that thought the MAC spec (v1, I think) was a good idea... |
|
Now in draft 05. The current implementation is 02 (according to the comments). |
|
Not followed the changes as of late. However a quick look at the spec and On Sun, Aug 24, 2014 at 3:10 PM, Omer Katz notifications@github.com wrote:
|
|
Looks like this is still in draft 05. There are some examples in there, someone will need to try and implement based on those examples and see if it's complete enough. |
|
There was no other draft. |
Currently tokens.py match the 00 version of the MAC token spec which is also the one linked from the OAuth 26 draft. A new 01 version of the MAC token spec removes hashing of the body and possibly other things. The OAuth 2 draft is considered stable by now but I am uncertain if this is the case for MAC tokens too.
Update: The MAC token type is currently not maintained and considered incomplete. Might be better to let it stay on v.00 and wait until the mac token spec is picked up and approaching stable.
The text was updated successfully, but these errors were encountered: