2.3.3. UserInfo Error Response using WWW-Authenticate: Bearer?

Issue #791 resolved
Brian Campbell created an issue

Does it really make sense to have an invalid schema error from the UserInfo Endpoint return a "WWW-Authenticate: Bearer ..." header? It's a protocol issue, not an authentication one.

http://openid.bitbucket.org/openid-connect-messages-1_0.html#UserInfoError

Comments (5)

  1. John Bradley

    Well, you are correct; it is probably better dealt with as a protocol error rather than an authentication one.

    The reason for a schema parameter is that some people (Salesforce and Facebook) wanted to reuse their existing endpoints and had different default schema. The parameter was intended to allow them to detect connect requests. I think one of them was already using the schema parameter. I agree that it seems of little real value now. An IdP could always add a query parameter to the openID endpoint it publishes if it needs it.
