[WG-UMA] Google API discovery service and our scope structures

Eve Maler eve at xmlgrrl.com
Sat May 14 14:30:45 EDT 2011


http://googlecode.blogspot.com/2011/05/google-apis-discovery-service-one-api.html

I've just started to look at this. Can anyone (particularly implementor-types) take a look and offer thoughts on how the ability to publish resource and OAuth scope info might relate to our resource/action/scope registration stuff?

Keep in mind that our currently spec'd resource set description looks like this (the SMART project has extended this to pass along a canonical URI that can be used to retrieve the resource set in question, but that's not shown here):

{
        "resource_set":
            {
            "_id": "112210f47de98100",
            "name": "Steve the puppy!",
            "icon_uri": "http://www.example.com/icons/flower",
            "actions":
                        ["http://photoz.example.com/dev/actions/view",
                        "http://photoz.example.com/dev/actions/all"]
        }
}

I had offered to propose requested-scope and granted-scope structures. I was thinking of something like this (where the ID refers to a previously registered resource set and the actions array contains one or more actions to be enabled):

{
        "requested_scope":
            {
            "_id": "112210f47de98100",
            "actions":
                        ["http://photoz.example.com/dev/actions/all"]
        }
}

and this (where now it's an actual scope that this requester has been authorized to have; I copied the "exp" expiration parameter from the JWT spec):

{
        "scope":
            {
            "_id": "112210f47de98100",
            "actions":
                        ["http://photoz.example.com/dev/actions/all"],
            "exp": 1300819380
        }
}


	Eve

Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl



More information about the WG-UMA mailing list