[Openid-specs-fapi] Issue #365: CDR Conformance Bugs (openid/fapi)

Stuart Low issues-reply at bitbucket.org
Sun Jan 24 06:31:50 UTC 2021

New issue 365: CDR Conformance Bugs

Stuart Low:

Ticket to collate bugs encountered within the Conformance Suite using the CDR profile. Some of these might \(hopefully!\) already be resolved as I’ve had a high latency on coming back to this. I’ll look to edit the main ticket in the short term as I add things.

* The conformance suite expects the keys within the JWKS to be in a deterministic order notably that the signing key must be the first entry. When the first key is of type `enc` the conformance suite barfs
* `auth_time` is not being specified as an essential claim in the request object of fapi-rw-id2 so is untested but it’s support is mandatory in CDR
* `offline_access` scope acceptance is untested. It is **not** required by CDR but it’s presence is meant, at worst, to be ignored


More information about the Openid-specs-fapi mailing list