[Openid-specs-ab] [board-private] OpenID Connect Launch Commencement

Breno de Medeiros breno at google.com
Tue Jul 19 14:10:34 UTC 2011 

We don't have support for id_tokens yet -- this is the 'minimal'
version of the OpenIDConnect spec yet

On Mon, Jul 18, 2011 at 08:14, Eric Sachs <esachs at google.com> wrote:
>>> So =ritou / @ritou / Ryo Ito has implemented a sample OpenID Connect RP
>>> for the Google.
> I can't tell if it works yet.  Below is what I see after I try to login and
> it looks like it is failing
>
> OpenID Connect Sample RP
>
> This is OpenID Connect Sample RP  using Google(OP).
> Flow : Authorization Code Flow
>
> Google's sample RP and Document : http://oauthssodemo.appspot.com/step/1
>
>
> Reload Access Token Refresh Restart
>
> Obtain Access Token
>
> Request :
>
> Response :
>
> Token Info Endpoint
>
> Request :
>
> GET /o/oauth2/tokeninfo?access_token= HTTP/1.1
> User-Agent: OpenID Connect Sample RP v0.0.1
> Host: accounts.google.com
> Accept: */*
>
> Response :
>
> HTTP/1.1 400 Either access_token or id_token should be specified by client,
> not both
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> Pragma: no-cache
> Expires: Fri, 01 Jan 1990 00:00:00 GMT
> Date: Mon, 18 Jul 2011 15:12:14 GMT
> Content-Type: text/html; charset=UTF-8
> X-Content-Type-Options: nosniff
> X-Frame-Options: SAMEORIGIN
> X-XSS-Protection: 1; mode=block
> Server: GSE
> Transfer-Encoding: chunked
>
> <HTML>
> <HEAD>
> <TITLE>Either access_token or id_token should be specified by client, not
> both</TITLE>
> </HEAD>
> <BODY BGCOLOR="#FFFFFF" TEXT="#000000">
> <H1>Either access_token or id_token should be specified by client, not
> both</H1>
> <H2>Error 400</H2>
> </BODY>
> </HTML>
>
> Resource Access
>
> Request :
>
> GET /oauth2/v1/userinfo?access_token= HTTP/1.1
> User-Agent: OpenID Connect Sample RP v0.0.1
> Host: www.googleapis.com
> Accept: */*
>
> Response :
>
> HTTP/1.1 401 Unauthorized
> WWW-Authenticate: GoogleLogin
> realm="https://www.google.com/accounts/ClientLogin", service="lso"
> Content-Type: application/json; charset=UTF-8
> Date: Mon, 18 Jul 2011 15:12:16 GMT
> Expires: Mon, 18 Jul 2011 15:12:16 GMT
> Cache-Control: private, max-age=0
> X-Content-Type-Options: nosniff
> X-Frame-Options: SAMEORIGIN
> X-XSS-Protection: 1; mode=block
> Server: GSE
> Transfer-Encoding: chunked
>
> {
>  "error": {
>   "errors": [
>    {
>     "domain": "com.google.auth",
>     "reason": "invalidAuthentication",
>     "message": "invalid header",
>     "locationType": "header",
>     "location": "Authorization"
>    }
>   ],
>   "code": 401,
>   "message": "invalid header"
>  }
> }
>
> ________________________________
> © 2011 ritou
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>



-- 
--Breno

More information about the Openid-specs-ab mailing list