[Openid-specs-ab] Issue #883: Order of the description about iframe (openid/connect)

Ryo Ito issues-reply at bitbucket.org
Mon Oct 7 08:37:58 UTC 2013

New issue 883: Order of the description about iframe

Ryo Ito:

I think that the order of the description about iframe should reverse.

The implementer may be easy to understand a description along the real data flow  
(OP -> RP -> RP iframe -> OP iframe -> RP iframe...)

4. Session Status Change Notification

- Two iframe is necessary for this implementation
- RP iframe knows id of OP iframe
- Polling by repeating postMessage

4.1 RP iframe

- This iframe MUST know the ID of the OP iframe so that it can postMessage to the OP iframe.
- The postMessage includes client_id and session_state
- The received data would either be changed or unchanged.

4.2 OP iframe

- The OP iframe has access to Browser state at the OP...
- The OP iframe MUST recalculate it from the previously obtained Client ID, the source origin URL (from the postMessage), and the current OP Browser state.
- The response is ...

More information about the Openid-specs-ab mailing list