[Openid-specs-fapi] JARM: The type of the value of the expires_in in 4.1.2. Response Type "token"

Takahiko Kawasaki taka at authlete.com
Mon Sep 24 23:25:07 UTC 2018 

Dear Brian,

Created an issue for this:

*JARM: the type of expires_in in authorization response JWT*
https://bitbucket.org/openid/fapi/issues/176


Best Regards,
Takahiko Kawasaki
Authlete, Inc.


2018-09-25 3:16 GMT+09:00 Brian Campbell <bcampbell at pingidentity.com>:

> It really could be either one but the JARM draft should probably be
> explicit about it.
>
> Will you put in an issue to track it, Takahiko?
>
> https://bitbucket.org/openid/fapi/issues
>
> On Sat, Sep 22, 2018 at 10:49 AM Takahiko Kawasaki via Openid-specs-fapi <
> openid-specs-fapi at lists.openid.net> wrote:
>
>> Hello,
>>
>> # A trivial editorial issue
>>
>> *4.1.2. Response Type "token"
>> <https://openid.net/specs/openid-financial-api-jarm.html#response-type-token>*
>> in JARM shows an example of authorization response as follows:
>>
>> {
>>    "iss":"https://accounts.example.com",
>>    "aud":"s6BhdRkqt3",
>>    "exp":1311281970,
>>    "access_token":"2YotnFZFEjr1zCsicMWpAA",
>>    "state":"S8NJ7uqk5fY4EjNvP_G_FtyJu6pUsvH9jsYni9dMAJw",
>>    "token_type":"bearer",
>>    "expires_in":"3600",
>>    "scope":"example"
>> }
>>
>>
>> In the example, the type of the value of the expires_in is "string", but
>> it should be "number" if we strictly follow the definition of expires_in
>> which is found in *A.14. "expires_in" Syntax
>> <https://tools.ietf.org/html/rfc6749?#appendix-A.14>* in RFC 6749.
>>
>> A.14.  "expires_in" Syntax
>>
>>    The "expires_in" element is defined in Sections 4.2.2 and 5.1:
>>
>>      expires-in = 1*DIGIT
>>
>>
>>
>> Best Regards,
>> Takahiko Kawasaki
>> Authlete, Inc.
>> _______________________________________________
>> Openid-specs-fapi mailing list
>> Openid-specs-fapi at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20180925/7cad1169/attachment.html>

More information about the Openid-specs-fapi mailing list