[Openid-specs-ab] [openid/connect] Messages 184.108.40.206 and Standard 220.127.116.11 - Inconsistent treatment of OAuth parameters in OpenID request message (issue #575)
issues-reply at bitbucket.org
Thu Apr 19 13:05:04 UTC 2012
--- you can reply above this line ---
New issue 575: Messages 18.104.22.168 and Standard 22.214.171.124 - Inconsistent treatment of OAuth parameters in OpenID request message
Michael Jones / mbj on Thu, 19 Apr 2012 15:05:04 +0200:
As reported by Vladimir Dzhuvinov, http://openid.net/specs/openid-connect-standard-1_0-09.html#req_param_method says
"All [...] parameters MUST also be JSON Serialized into the OpenID Request Object with the same values."
whereas http://openid.net/specs/openid-connect-messages-1_0-09.html#OpenID_Request_Object says
"If the same parameters are present both in the Authorization Request and in the OpenID Request Object, the latter takes precedence."
This is both inconsistent and confusing.
This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.
More information about the Openid-specs-ab