Consider the simplest case, 'view', which just gives a 'yes'/'no' answer.
It's not enough for the RH to return this answer via the front channel.
Even if we use a resource registry, it still needs to know whether the answer was yes or no.
And you don't want to register a resource every time someone views or picks a scope.
So we need to solve this problem for the simplest yes/no case. I think we cannot therefore reuse GNAP-RS for this, and we should go back to our original idea of a nested authorization code flow.
Consider the simplest case, 'view', which just gives a 'yes'/'no' answer. It's not enough for the RH to return this answer via the front channel. Even if we use a resource registry, it still needs to know whether the answer was yes or no. And you don't want to register a resource every time someone views or picks a scope.
So we need to solve this problem for the simplest yes/no case. I think we cannot therefore reuse GNAP-RS for this, and we should go back to our original idea of a nested authorization code flow.