[Openid-specs-ab] Updated Connect Specs

George Fletcher gffletch at aol.com
Thu Jun 30 13:08:22 UTC 2011


Thanks for the updates Mike!

A few comments on the new userinfo specification...

Section 2.1
* The access_token is a required parameter. Is there any reason the 
access token could not be specified via the HTTP Authorization header?

* Are both GET/POST HTTP methods allowed?

* The spec says that if the schema is "openid" then the endpoint SHOULD 
return a JSON object that si a subset of the following claims. Given 
that if no schema parameter is passed, or a value other than "openid" is 
passed, the response object is undefined (from this specs perspective), 
wouldn't it make more sense to turn the SHOULD into a MUST?  Right now, 
from my reading of the spec, I can have a compliant userinfo endpoint 
that returns the data in a PoCo format even if a schema of "openid" is 
specified.

Thanks,
George

On 6/30/11 5:42 AM, Mike Jones wrote:
>
> (adding Allen, Kick, Chris, and Larry, to inform them of this progress 
> towards the Connect launch)
>
> *From:*openid-specs-ab-bounces at lists.openid.net 
> [mailto:openid-specs-ab-bounces at lists.openid.net] *On Behalf Of *Mike 
> Jones
> *Sent:* Thursday, June 30, 2011 2:32 AM
> *To:* openid-specs-ab at lists.openid.net
> *Cc:* Eric Sachs; Andrew Nash; Don Thibeau
> *Subject:* [Openid-specs-ab] Updated Connect Specs
>
> Edmund and I have released updated and restructured Connect specs to 
> openid.net.  The released specs are:
>
> OpenID Connect Core: http://openid.net/specs/openid-connect-core-1_0.html
>
> OpenID Connect Framework: 
> http://openid.net/specs/openid-connect-framework-1_0.html
>
> OpenID Connect Session Management: 
> http://openid.net/specs/openid-connect-session-1_0.html
>
> OpenID Connect HTTP Redirect Binding: 
> http://openid.net/specs/openid-connect-http-redirect-1_0.html
>
> OpenID Connect UserInfo Endpoint: 
> http://openid.net/specs/openid-connect-userinfo-1_0.html
>
> All are in SubVersion at 
> http://svn.openid.net/repos/specifications/connect/1.0/.
>
> The UserInfo spec now uses names in the style of the Facebook Graph 
> API.  Edmund, I did a consistency pass over all the specs, primarily 
> to update the examples to the new UserInfo schema.  I also ran 
> spelling and grammar checking and corrected issues found.
>
> I’d encourage everyone to read these in detail.  Once we have the 
> updated Discovery and Client Registration specs, these should be ready 
> to turn over to early developers!
>
>                                                             -- Mike
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-- 
Chief Architect                   AIM:  gffletch
Identity Services Engineering     Work: george.fletcher at teamaol.com
AOL Inc.                          Home: gffletch at aol.com
Mobile: +1-703-462-3494           Blog: http://practicalid.blogspot.com
Office: +1-703-265-2544           Twitter: http://twitter.com/gffletch

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110630/105c84c2/attachment.html>


More information about the Openid-specs-ab mailing list