OpenID Connect Federation 1.0: claim client_id missing from OIDCClientMetadata
In version 10.7.2 (https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/c656ebc15455907ab450183936c7fb0e2ded01bf) there was a change which removes client information fields from the metadata returned by CommonFederationClaimsSet.getRPMetadata().
Among the removed values, there is also client_id which is listed in the applicable values for openid_relying_party metadata in section 4.2 of the openid-connect-federation specs: https://openid.net/specs/openid-connect-federation-1_0.html in the “IANA OAuth Dynamic Client Registration Metadata”.
We used to access the client_id from the relying party’s EntityStatement like this:
entityStatement.getClaimsSet().getRPMetadata().getCustomField("client_id")
but that is not possible anymore (version 10.7.2 changed this).
Since client_id is an acceptable value for RP’s metadata, why is it removed?
Comments (6)
-
reporter -
- changed status to open
Thanks for the detailed report. We'll check what's going on and what has changed.
-
Hi Pasquale,
Are you calling this method on the ResolveClaimsSet or EntityStatementClaimsSet? (or both)
-
Some background why / where you are getting this client_id will be useful.
OIDC Federation has the client_id appearing in metadata only in explicit registration responses.
-
- changed status to resolved
Fixed here: 1fa5eac350dd160d9eb2a25cfed8a5e4e2b2d361
(introduced new OIDCClientInformation get / set method)
-
The changes were released in 10.11