<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>I think this is a mismatch between the mental model you have when
looking at the software, and the mental model that drove the
(current) data structure. When we built this originally, the
"approved site" item was attached to tokens as they were created,
whether they were approved by a user or whitelisted. This morphed
into something that was more like a "remembered grant", where the
user's explicit authorization decision was remembered and that was
attached to the token. <br>
</p>
<p>I'm not saying that your interpretation is incorrect, mind you --
and in fact I think that it's a potentially clearer model.
However, I think that we should perhaps address this in the UI
instead of the data model. So instead of having separate pages for
tokens and grants, as we have today, perhaps a single page for
revoking a client's access in both ways. This would more cleanly
take care of the non-remembered but permanent refresh tokens and
put them at the same level as the remembered grants. <br>
</p>
<p>Personally, I think this would be a cleaner way of handling the
disconnect than propagating the ApprovedSite link through to the
refresh token (and downstream), but I'm open to other suggestions.<br>
</p>
<p> -- Justin<br>
</p>
<div class="moz-cite-prefix">On 3/10/2017 3:01 AM, Dominik Schmich
wrote:<br>
</div>
<blockquote
cite="mid:BC07D7EA39C6184BA034EA776CB2C46D0140B43F@UCDEDC1PWXMR007.de.db.com"
type="cite">
<p><span style="font-family: arial unicode ms; color: Black; font-size: 10pt;">Classification:
<b>For internal use only</b></span></p>
<div class="WordSection1">
<p class="MsoNormal">Hi everyone,</p>
<p class="MsoNormal">I have a little question regarding the Approved Site revocation behavior.</p>
<p class="MsoNormal">Here is what I saw in the database tables:</p>
<ul>
<li>Access Tokens are tied to Approved Sites via the database field <code>approved_site_id</code>.</li>
<li>Refresh Tokens are tied to Access Tokens via the database field <code>refresh_token_id</code>.</li>
</ul>
<p class="MsoNormal">Now if you remove an Approved Site, the method
<code>DefaultApprovedSiteService.remove()</code> is used. This will get all access tokens,
remove all associated refresh tokens and then delete the access token. In the end it removes
the Approved Site. This is exactly the behavior I expected.</p>
<p class="MsoNormal">This behavior changes once the Refresh Token has been used for the first
time. With that usage, <code>DefaultOAuth2ProviderTokenService.refreshAccessToken()</code> is
used. This creates a new Access Token and re-links the new Access Token with the old Refresh
Token via <code>token.setRefreshToken()</code>, which is correct. What I'm missing is the
<code>token.setApprovedSite()</code> on the new Access Token, which should only be done if the
site is still approved. Because this link is not made, the Refresh &amp; Access Tokens stay in
the system until they expire and do not get deleted by
<code>DefaultApprovedSiteService.remove()</code>. Is this a bug?</p>
<p class="MsoNormal">What I additionally thought of but didn't verify is the following
scenario: what if Refresh &amp; Access Tokens are created and after a while the Access Token
times out and gets deleted by the <code>taskScheduler</code> calling
<code>defaultOAuth2ProviderTokenService.clearExpiredTokens()</code>? Then we have a scenario
similar to the one above: a Refresh Token not linked to an Approved Site via an Access Token.
Is this a bug as well?</p>
<p class="MsoNormal">Should we maybe add the Approved Site to Refresh Tokens as well?</p>
<p class="MsoNormal">Kind regards,<br>
Dominik Schmich</p>
<p class="MsoNormal">Dominik Schmich<br>
Assistant Vice President | Solution Architect<br>
Deutsche Bank AG<br>
COO PW&amp;CC Technology, Strategy &amp; Architecture<br>
Alfred-Herrhausen-Allee 16-24, 65760 Eschborn, Germany<br>
Tel. +49 69 910-60543<br>
Mobile +49 1723700665<br>
Email <a moz-do-not-send="true" href="mailto:dominik.schmich@db.com">dominik.schmich@db.com</a></p>
</div>
<br>
<font face="Arial" color="Black" size="3"><br>
---<br>
The European Commission has established a European online
dispute resolution platform (OS platform) under
<a class="moz-txt-link-freetext" href="http://ec.europa.eu/consumers/odr/">http://ec.europa.eu/consumers/odr/</a>. The OS platform can be used
by a consumer for the extra-judicial settlement of a dispute of
online contracts with a provider established in the EU
companies.<br>
<br>
Please refer to <a class="moz-txt-link-freetext" href="https://www.db.com/disclosures">https://www.db.com/disclosures</a> for information
(including mandatory corporate particulars) on selected Deutsche
Bank branches and group companies registered or incorporated in
the European Union. This e-mail may contain confidential and/or
privileged information. If you are not the intended recipient
(or have received this e-mail in error) please notify the sender
immediately and delete this e-mail. Any unauthorized copying,
disclosure or distribution of the material in this e-mail is
strictly forbidden.<br>
</font>
</blockquote>
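<p>The two scenarios raised in the question, and the revoke-by-client alternative from the reply, as an added example in a small in-memory model. This is not MITREid Connect code: the classes and methods below (<code>TokenStore</code>, <code>approve</code>, <code>refresh_access_token</code>, <code>remove_approved_site</code>, <code>revoke_client_access</code>) are hypothetical stand-ins for the entities and services named in the thread, and the model assumes that the previous access token is dropped when a refresh happens (the same state the expiry sweep produces). The sample user and client names are constructed.</p>

```python
# Added example, not MITREid Connect code: an in-memory model of the
# ApprovedSite / AccessToken / RefreshToken links the thread describes.
# Class and method names are hypothetical stand-ins for the real ones.
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(eq=False)
class ApprovedSite:
    user: str
    client_id: str


@dataclass(eq=False)
class RefreshToken:
    user: str
    client_id: str


@dataclass(eq=False)
class AccessToken:
    user: str
    client_id: str
    refresh_token: Optional[RefreshToken] = None  # the refresh_token_id column
    approved_site: Optional[ApprovedSite] = None  # the approved_site_id column


class TokenStore:
    """Stands in for the token repository plus the two services from the thread."""

    def __init__(self) -> None:
        self.sites, self.access_tokens, self.refresh_tokens = [], [], []

    def approve(self, user: str, client_id: str) -> Tuple[ApprovedSite, AccessToken, RefreshToken]:
        """User approves a client: site remembered, refresh + access token issued and linked."""
        site, refresh = ApprovedSite(user, client_id), RefreshToken(user, client_id)
        access = AccessToken(user, client_id, refresh, site)
        self.sites.append(site)
        self.refresh_tokens.append(refresh)
        self.access_tokens.append(access)
        return site, access, refresh

    def refresh_access_token(self, refresh: RefreshToken, propagate_site: bool = False) -> AccessToken:
        """Refresh flow as the thread describes it: a new access token linked to the same
        refresh token (model assumption: the previous access token is dropped). The site
        link is carried over only if propagate_site is set AND the site still exists."""
        old_site = next((t.approved_site for t in self.access_tokens
                         if t.refresh_token is refresh), None)
        self.access_tokens = [t for t in self.access_tokens if t.refresh_token is not refresh]
        new = AccessToken(refresh.user, refresh.client_id, refresh)
        if propagate_site and old_site is not None and old_site in self.sites:
            new.approved_site = old_site
        self.access_tokens.append(new)
        return new

    def remove_approved_site(self, site: ApprovedSite) -> None:
        """The cascade the thread describes for DefaultApprovedSiteService.remove():
        only tokens reachable through approved_site_id are removed."""
        for t in [t for t in self.access_tokens if t.approved_site is site]:
            if t.refresh_token in self.refresh_tokens:
                self.refresh_tokens.remove(t.refresh_token)
            self.access_tokens.remove(t)
        self.sites.remove(site)

    def revoke_client_access(self, user: str, client_id: str) -> None:
        """The reply's 'revoke a client's access in both ways' idea: key the
        revocation on (user, client) instead of on the approved_site_id link."""
        def keep(x): return not (x.user == user and x.client_id == client_id)
        self.access_tokens = [t for t in self.access_tokens if keep(t)]
        self.refresh_tokens = [r for r in self.refresh_tokens if keep(r)]
        self.sites = [s for s in self.sites if keep(s)]

    def live_tokens(self, user: str, client_id: str) -> int:
        """Access + refresh tokens the client can still present for this user."""
        return sum(1 for x in self.access_tokens + self.refresh_tokens
                   if x.user == user and x.client_id == client_id)


def after_refresh(propagate_site: bool = False, revoke_by_client: bool = False) -> int:
    """Scenario 1 from the thread: refresh once, then revoke (by site link, or by
    (user, client) as the reply proposes). Returns the tokens the client still holds."""
    store = TokenStore()
    site, _access, refresh = store.approve("alice", "client-a")  # constructed sample
    store.refresh_access_token(refresh, propagate_site)
    if revoke_by_client:
        store.revoke_client_access("alice", "client-a")
    else:
        store.remove_approved_site(site)
    return store.live_tokens("alice", "client-a")


def orphan_after_expiry() -> int:
    """Scenario 2: the expired access token is swept (what clearExpiredTokens would do),
    then the approved site is removed. The refresh token survives the cascade."""
    store = TokenStore()
    site, access, _refresh = store.approve("alice", "client-a")
    store.access_tokens.remove(access)
    store.remove_approved_site(site)
    return store.live_tokens("alice", "client-a")
```

<p>With the default flags, <code>after_refresh()</code> leaves two usable tokens behind after the site is removed (the refreshed access token and its refresh token), <code>after_refresh(propagate_site=True)</code> and <code>after_refresh(revoke_by_client=True)</code> both leave none, and <code>orphan_after_expiry()</code> leaves the refresh token. The point the model makes is that any revocation keyed on the <code>approved_site_id</code> link misses whatever is no longer reachable through it, whereas revoking by (user, client) does not depend on that link at all.</p>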
<br>
</body>
</html>