openid / connect / issues / #81 - Basic - 3.3.4.2 nonce verification not specified — Bitbucket

Issue #81 resolved

Former user created an issue 2011-09-09

Step 1 does not specify what constitutes a valid nonce (a previously issued but not previously used value).

Comments (3)

hideki nara
- assigned issue to
  
  Edmund Jay
- 2011-09-11T23:11:24+00:00

Nat Sakimura

Change

If the authentication request contained a nonce, check that the returned nonce is valid.

To

Check that the returned nonce is equal to the nonce in the Authorization Request.

2011-09-15T00:07:10+00:00

Edmund Jay
- changed status to resolved
fixes ~~#81~~

→ 5560fe720635
- 2011-09-18T07:36:43+00:00
Log in to comment

Assignee: Edmund Jay

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!