Request OAuth2 addition to supported CFHTTPAuthentication schemes
| Originator: | nherring | ||
| Number: | rdar://11464112 | Date Originated: | 16-May-2012 07:13 AM |
| Status: | Open | Resolved: | |
| Product: | Mac OS X | Product Version: | 10.7.3 11D50 |
| Classification: | Feature (new) | Reproducible: | Not Applicable |
Summary: The OAuth 2.0 framework (currently http://tools.ietf.org/html/draft-ietf-oauth-v2-26) is becoming quickly a standard for authentication. Being able to leverage OAuth flow via Mac OS X frameworks would reduce the barrier to entry for application developers. The request is to (1) support WWW-Authenticate headers containing Bearer (http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-18#section-3) in CFHTTPAuthenticationCreateFromResponse (2) be able to support the OAuth request flow, including possibly authenticating Basic to the token endpoint, or allowing the user (or navigating on their behalf) to navigate to a web page to complete custom auth. (3) be able to store access tokens & refresh tokens (and their scopes) attached to a principal in the keychain (4) be able to refresh the access token from the refresh token Thus, a user browsing to a site or connecting to it over WebDAV would be able to take advantage of OAuth credentials, esp. revokable tokens, rather than full credentials on every access.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!