[Openid-specs-ab] nonce for code+id_token flow
Chunlei Niu (牛春雷)
niuchl at google.com
Tue Apr 8 00:30:10 UTC 2014
We are implementing nonce support for the code flow, and find that the
behavior of code + id_token flow is not well defined in the spec. It
doesn't seem right to generate two id tokens (one for each response type)
with the same nonce.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab