update/fix ID Token examples in CIBA Authentication Results

Issue #92 resolved

Brian Campbell created an issue 2018-10-01

The ID Token in the first example of CIBA 10.3. Push Callback / 10.3.1. Successful Token Delivery is missing the _hash and auth_req_id claims that the text a few paragraphs below says must be there. It also has nonce, which shouldn't be there. And it should probably match up with the decoded claims in the example below. Also the refresh_token and access_token values really should be longer (and then the _hash values redone) and if changes are being made in this area then may as well do that too.

The ID Token in the first example of CIBA 10.1.1. Successful Token Response has nonce, which shouldn't be there.

Comments (6)

Brian Campbell
issue ~~#93~~ "use Public Claim Names for CIBA JWT claims" should be considered with this too
- 2018-10-02T10:19:02+00:00
Brian Campbell reporter
pull request ~~#24~~ has changes addressing this and issue ~~#93~~
- 2018-10-05T19:59:51+00:00
Dave Tonge
- changed status to resolved
Resolves with this PR: https://bitbucket.org/openid/mobile/pull-requests/24/ciba-public-claim-names-and-updated-id
- 2018-10-16T06:25:12+00:00
Brian Campbell reporter
- changed component to CIBA
- 2018-10-16T11:41:55+00:00
Brian Campbell reporter
- changed status to open
Not sure what happened but the changes didn't seem to actually make it in. Pull request ~~#24~~ says it was MERGED at 2a712c4 but there's no actual changes in that commit.
- 2018-10-26T16:36:59+00:00
Brian Campbell reporter
- changed status to resolved
merged pull request ~~#36~~ to hopefully fix for real this time with, CIBA: use Public Claim Names for the auth_req_id and refresh token JWT claims for Issue ~~#93~~ and also fix/update the two ID Token examples in the Authentication Results section for Issue ~~#92~~
- 2018-10-26T20:00:11+00:00
Log in to comment

Assignee: Brian Campbell

Type: bug

Priority: minor

Status: resolved

Component: CIBA

Milestone: –

Votes: 0

Watchers: 0