openid / connect / issues / #31 - Standard - 5.1.2.1 Inconsistency with Messages — Bitbucket

Issue #31 resolved

OpenID Foundation repo owner created an issue 2011-09-03

Section 5.1.2.1:

The assertion is a JSON structure which MUST contain the following values:

id_token The ID Token associated with the authentication session.

This does not match the Messages document, that states that this parameter is REQUIRED only if the response_type id_token was present in the request.

Comments (3)

hideki nara
- changed status to open
I think that Standard and Basic should refer to Message anyway.
- 2011-09-08T02:03:28+00:00
Nat Sakimura
Fixed the specs so that:

response_type=code => token endpoint always returns id_token.

response_type=token => only access_token is returned from authz endpoint in the fragment

response_type includes id_token => id_token is returned from authz endpoint in the fragment

code is always returned in query string.
- 2011-09-15T04:20:17+00:00
Edmund Jay
- changed status to resolved
fixes ~~#31~~ Standard - 5.1.2.1 Inconsistency with Messages

→ 8ae604b60eb6
- 2011-09-29T00:37:33+00:00
Log in to comment

Assignee: Edmund Jay

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!