- edited description
OpenID Connect Federation 1.0: json objects as values of directives one_of / subset_of / superset_of
Would it be possible to have json objects as values listed in directives one_of / subset_of / superset_of ?
As it is now, if we try to call MetadataPolicy.parse(metadataPolicy) with a policy object built like below,
{
"claim1": {
"one_of": [
{ "key1": "value1" },
{ "key2": "value2" },
{ "key3": "value3" }
]
}
}
it throws a com.nimbusds.oauth2.sdk.ParseException with message “Item not a string”
Comments (4)
-
reporter -
The OIDC Federation 1.0 spec doesn’t say the operand must be string. So a JSON object should be alright. The current
JSONObject
implementation handles comparison correctly, i.e. canonicalization will not be needed. -
reporter executing MetadataPolicy.parse(metadataPolicy) with the example I described and debugger enabled , I got to know that at a certain stage
MetadataPolicyEntry.parse(parameterName, entrySpec, factory, combinationValidator)
is called, and inside it there’s a call to
op.parseConfiguration(entrySpec.get(opName))
in wich op is the one_of PolicyOperation instance and entrySpec.get(opName) is the List of json objects i wrote in description.
The parseConfiguration(final Object jsonEntity) method is implemented by AbstractSetBasedOperation class, and it consists of a call to JSONObjectUtils.toStringList(jsonEntity), which in turns throws the exception as you can see from the attached screenshots.
-
- changed status to resolved
Added support here, as part of the current federation implementation rewrite for the upcoming Implementers' Draft: 2492efc
- Log in to comment