[Openid-specs-ab] OP is not supporting client_secret_post according to 'token_endpoint_auth_methods_supported' in the provider configuration

Justin Richer jricher at mit.edu
Thu Jul 21 14:00:27 UTC 2016


If you don't, then you need to statically configure your test instance 
to include the method mentioned in its configuration. This should be on 
the "config page", and you'll need to add the configuration parameter.

Though honestly, the discovery document is incredibly easy to implement 
and it will make your client developers' lives much simpler, I've rarely 
seen a server without it in the wild.

  -- Justin


On 7/21/2016 9:57 AM, Hasanthi Purnima Dissanayake wrote:
> Hi Justing,
>
> Still we have not implemented OIDC discovery. So we don't have such 
> configuration.  We are just running the test cases for basic profile. 
> Do we need to have this configuration which comes with OIDC spec even 
> to execute the test cases in basic profile?
>
> Thanks,
>
> HasanthiDissanayake
>
> Software Engineer | WSO2
>
> E: hasanthi at wso2.com <mailto:hasanthi at wso2.com>
>
> M :0718407133|http://wso2.com <http://wso2.com/>
>
> On Thu, Jul 21, 2016 at 7:19 PM, Justin Richer <jricher at mit.edu 
> <mailto:jricher at mit.edu>> wrote:
>
>     Looking at the error, I'd ask what's in your
>     "token_endpoint_auth_methods_supported" field of your IdP's
>     discovery document? MITREid currently outputs this:
>
>     "token_endpoint_auth_methods_supported": [
>         "client_secret_post",
>         "client_secret_basic",
>         "client_secret_jwt",
>         "private_key_jwt",
>         "none"
>     ]
>
>      -- Justin
>
>
>     On 7/21/2016 9:03 AM, Hasanthi Purnima Dissanayake wrote:
>>     Hi All,
>>     Can anyone please let me know the reason for getting below when
>>     running Access token request with client_secret_post
>>     authentication (OP-ClientAuth-SecretPost-Static) test case.
>>
>>     Result: WARNING
>>     Warnings:
>>     OP is not supporting client_secret_post according to
>>     'token_endpoint_auth_methods_supported' in the provider configuration
>>
>>     Thanks,
>>
>>     HasanthiDissanayake
>>
>>     Software Engineer | WSO2
>>
>>     E: hasanthi at wso2.com <mailto:hasanthi at wso2.com>
>>
>>     http://wso2.com <http://wso2.com/>
>>
>>
>>     _______________________________________________
>>     Openid-specs-ab mailing list
>>     Openid-specs-ab at lists.openid.net
>>     <mailto:Openid-specs-ab at lists.openid.net>
>>     http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20160721/9f235f30/attachment.html>


More information about the Openid-specs-ab mailing list