Messages - 2.1.1 Last Paragraph - id_token
Currently it is:
{{{ id_token OPTIONAL. An ID Token passed to the Authorization server as a hint about the user's current or past authenticated session with the client. This SHOULD be present if prompt=none is sent. }}}
Suggest:
{{{ id_token OPTIONAL. An ID Token passed to the Authorization server as a hint about the user's current or past authenticated session with the client. This SHOULD be present if prompt=none is sent. If the id_token received by the RP was signed and encrypted using the Client's public key, then the Client MUST decrypt and use the signed id_token as the value of this member. }}}
Comments (4)
-
-
If sent encrypted to the OP, it will need to reencrypted to the OP's public key. Whether to do so is up to the client.
-
reporter New Proposal based on the feedback above:
id_token OPTIONAL. An ID Token passed to the Authorization server as a hint about the user's current or past authenticated session with the client. This SHOULD be present if prompt=none is sent. The value is a JWS encoded ID token as signed by the issuer, the JWS may be JWE encrypted by the public key of the issuer for additional confidentiality. If the id_token received by the RP was encrypted, the Client MUST decrypt the signed id_token (JWS). The Client MAY re-encrypt using the key that the server is capable of decrypting.
-
reporter - changed status to resolved
Fixed
#651- Messages: id_token in the request tightened up. - Log in to comment
Perhaps
id_token OPTIONAL. An ID Token passed to the Authorization server as a hint about the user's current or past authenticated session with the client. This SHOULD be present if prompt=none is sent. The value is a JWS encoded ID token as signed by the issuer, the JWS may be JWE encrypted by the public key of the issuer for additional confidentiality. If the id_token received by the RP was encrypted, the Client MUST decrypt the signed id_token (JWS).
The token could be symmetrically encrypted so I changed it to always decrypt, and send the JWE as signed by the issuer, allowing it to be encrypted as a JWE with the public key of the issuer independent of it having been received as a JWE.
I think that is the correct thing.