Skip to content

Instantly share code, notes, and snippets.


Karl McGuinness mcguinness

View GitHub Profile
mcguinness /
Last active Dec 20, 2019
Online Access Refresh Tokens

Problem Statement

The OAuth 2.0 Authorization Framework defines the authorization_code grant type and refresh token. It doesn't establish any rules for issuing refresh tokens and explicitly states in Section 1.5 that "Issuing a refresh token is optional at the discretion of the authorization server". One of the explicit goals for Rfc6749 was to enable offline access to protected resources when the end-user is not present. It does not define any request semantics for how a client can explicitly request a refresh token or whether that refresh token's lifecycle should be bound to the user's session that granted the refresh token. Authorization Servers are free to define these behaviors on a per-implementation or policy basis.

OpenID Connect being the identity layer ontop of OAuth 2.0 needed to define some new authorization server behaviors to enable end-user consent for when a client can access their identity info

mcguinness / umbrella
Created Aug 23, 2016 — forked from quinncomendant/umbrella
OpenDNS umbrella start/stop script for Mac OS X. This makes it easy to turn umbrella off temporarily, or get its status.
View umbrella
#!/usr/bin/env bash
# Quinn Comendant <>
# Since 25 Jan 2015
# Version 1.1
if [[ `id -u` = 0 ]]; then

Keybase proof

I hereby claim:

  • I am mcguinness on github.
  • I am mcguinness ( on keybase.
  • I have a public key whose fingerprint is DDF0 E3D1 7A4C 5192 A9D1 0BF7 4E27 92F7 5D23 D9F0

To claim this, I am signing this object:


Multiple SSH Keys settings for different github account

create different public key

create different ssh key according the article Mac Set-Up Git

$ ssh-keygen -t rsa -C ""