Re: [security-dev] Resteasy 3.0-beta-2 released with OAuth2 support
Hi Bruno,
I think that is the usecase for implicit grant type in OAuth2. It is
used when the client cannot save any secrets or tokens such as
Javascript applications.
Regards,
Anil
On 02/20/2013 05:42 AM, Bruno Oliveira wrote:
Hi Anil,
Are you thinking in something like
this? https://developers.google.com/accounts/docs/OAuth2#clientside
If yes, makes sense.
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Tuesday, February 19, 2013 at 11:05 PM, Anil Saldhana wrote:
> I am unsure if "implicit" usecase implies insecure. All it does is
> avoids the intermediate
> authorization code grant step. It is useful for Javascript applications
Attachments:
- attachment.html (text/html — 3.3 KB)