[Openid-specs-ab] [Bitbucket] Issue #835: Clarify the expected JSON type(s) of "value" and "values" in the claims request JSON object (openid/connect)

Nat Sakimura sakimura at gmail.com
Mon Jun 3 00:01:21 UTC 2013


Probably an official readers guide type of thing would do.

For now, I just wanted to be ready to answer when I was asked.

=nat via iPhone

Jun 3, 2013 8:30、Mike Jones <Michael.Jones at microsoft.com> のメッセージ:

  We already cover the rationale for using the “request_uri” in
http://openid.net/specs/openid-connect-messages-1_0.html#RequestUriRationale.
We could add similar rationale for when to use the “request” parameter, but
I’d submit that adding this isn’t essential to completing the Implementer’s
Drafts.  We could write that and review it in a leisurely fashion, after
publishing the Implementer’s Drafts, should the working group decide to do
so.



                                                            -- Mike



*From:* Nat Sakimura [mailto:sakimura at gmail.com <sakimura at gmail.com>]
*Sent:* Sunday, June 02, 2013 4:26 PM
*To:* Mike Jones
*Cc:* Michael Jones; openid-specs-ab at lists.openid.net
*Subject:* Re: [Openid-specs-ab] [Bitbucket] Issue #835: Clarify the
expected JSON type(s) of "value" and "values" in the claims request JSON
object (openid/connect)



Actually, I am asking the guidance between the use of 'claims' top-level
parameter and 'request' parameter.



'claims' parameter was added by #748 to ease the writing of MTI and request
parameter processing rules. From spec writing point of view, that is more
elegant and fine. I just thought that developers who reads this spec may
wonder when they should pick one or the other.



2013/6/3 Mike Jones <Michael.Jones at microsoft.com>

The “claims” parameter is always what is used to request individual
claims.  Independent of that, the “claims” parameter is one of the
parameters that can either occur as a query parameter value, or within a
request object passed either as a query parameter value using the “request”
parameter or by reference using the “request_uri” parameter.



I think you’re really asking the question “what is the guidance between
using request parameters passed as query parameters and using request
parameters passed by reference or by value using a Request Object”.  The
question is independent of whether the “claims” parameter is used.



                                                            -- Mike



*From:* openid-specs-ab-bounces at lists.openid.net [mailto:
openid-specs-ab-bounces at lists.openid.net] *On Behalf Of *Nat Sakimura
*Sent:* Sunday, June 02, 2013 3:55 PM
*To:* Michael Jones; openid-specs-ab at lists.openid.net
*Subject:* Re: [Openid-specs-ab] [Bitbucket] Issue #835: Clarify the
expected JSON type(s) of "value" and "values" in the claims request JSON
object (openid/connect)



A naive question.



What is the guidance between the requesting claims in 'claims' request
parameter and the request object?



>From what I see, 'claims' request parameter features are completely covered
by request object. Main differences are that request object can specify
other parameter such as response_types as well as other security parameters
and can be signed (it is a compact serialized JWS), while 'claims'
parameter is form encoded.



2013/5/30 Michael Jones <issues-reply at bitbucket.org>

*Michael Jones* commented on issue #835:

*Clarify the expected JSON type(s) of "value" and "values" in the claims
request JSON object<https://bitbucket.org/openid/connect/issue/835/clarify-the-expected-json-type-s-of-value>
*

Fixed #835<https://bitbucket.org/openid/connect/issue/835/clarify-the-expected-json-type-s-of-value>-
Clarified requirements on using "value" and "values" qualifiers when
requesting specific values for individual claims.

→ <<cset 6af1216a68a0<https://bitbucket.org/openid/connect/commits/6af1216a68a0>
>>

Status:

new resolved

View this issue<https://bitbucket.org/openid/connect/issue/835/clarify-the-expected-json-type-s-of-value>or
add a comment by replying to this email.

Unsubscribe from issue
emails<https://bitbucket.org/openid/connect/issue/835/unsubscribe/Nat/6c4f45461cac10ce372f1f81a7903130e0898f5c/>for
this repository.



 <https://bitbucket.org>

  <https://bitbucket.org>

-- 
Nat Sakimura (=nat) <https://bitbucket.org>

Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en <https://bitbucket.org>





-- 
Nat Sakimura (=nat)

Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130603/2c055b76/attachment.html>


More information about the Openid-specs-ab mailing list