<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">I will be working with Bill to
streamline our OAuth implementation. I dont care if OAuth stays
in RESTEasy or PicketLink as long as our users have support for
OAuth from JBoss community.<br>
<br>
On 02/20/2013 09:55 AM, Bruno Oliveira wrote:<br>
</div>
<blockquote
cite="mid:740DE4DA4013419999B1685B16EF16BF@abstractj.org"
type="cite">
<div> 'kk what's the plan for PicketLink use amber
(<a class="moz-txt-link-freetext" href="https://github.com/picketlink/picketlink/tree/master/oauth/src/main/java/org/picketlink/oauth/amber">https://github.com/picketlink/picketlink/tree/master/oauth/src/main/java/org/picketlink/oauth/amber</a>)
or Bill's implementation? </div>
<div>
<div><br>
</div>
<div>Or both?</div>
<div><br>
</div>
<div>
<div>-- </div>
<div>"The measure of a man is what he does with power" - Plato</div>
<div>-</div>
<div>@abstractj</div>
<div>-</div>
<div>Volenti Nihil Difficile</div>
</div>
</div>
<p style="color: #A0A0A8;">On Wednesday, February 20, 2013 at
12:26 PM, Anil Saldhana wrote:</p>
<blockquote type="cite"
style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;">
<span>
<div>
<div>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
<div>Hi Bruno,<br>
I think that is the usecase for implicit grant type in
OAuth2. It is used when the client cannot save any
secrets or tokens such as Javascript applications. <br>
<br>
Regards,<br>
Anil<br>
<br>
On 02/20/2013 05:42 AM, Bruno Oliveira wrote:<br>
</div>
<blockquote type="cite">
<div>
<div> Hi Anil,</div>
<div><br>
</div>
<div>Are you thinking in something like this? <a
moz-do-not-send="true"
href="https://developers.google.com/accounts/docs/OAuth2#clientside">https://developers.google.com/accounts/docs/OAuth2#clientside</a></div>
<div><br>
</div>
<div>If yes, makes sense.</div>
<div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>-- </div>
<div>"The measure of a man is what he does with
power" - Plato</div>
<div>-</div>
<div>@abstractj</div>
<div>-</div>
<div>Volenti Nihil Difficile</div>
</div>
</div>
<p style="color: #A0A0A8;">On Tuesday, February 19,
2013 at 11:05 PM, Anil Saldhana wrote:</p>
<blockquote type="cite">
<div> <span>
<div style="color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 13px; font-style:
normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height:
normal; orphans: 2; text-align: -webkit-auto;
text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing:
0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255); ">I am
unsure if "implicit" usecase implies insecure.
All it does is</div>
<div style="color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 13px; font-style:
normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height:
normal; orphans: 2; text-align: -webkit-auto;
text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing:
0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255); ">avoids
the intermediate</div>
<div style="color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 13px; font-style:
normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; line-height:
normal; orphans: 2; text-align: -webkit-auto;
text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing:
0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255); ">authorization
code grant step. It is useful for Javascript
applications</div>
</span> </div>
</blockquote>
<br>
</div>
</blockquote>
<br>
</div>
</div>
</span></blockquote>
</blockquote>
</body>
</html>