[Openid-specs-ab] About "token_endpoint_auth_type" handling

Ryo Ito ritou.06 at gmail.com
Thu Mar 22 10:16:39 UTC 2012


Hi, Andreas

I tried to test my OP using your facility, and attached exported configuration.

My OP handles "token_endpoint_auth_type", and it seems to produce some Failed.

http://openid.net/specs/openid-connect-registration-1_0.html#anchor3
===
token_endpoint_auth_type
OPTIONAL. The requested authentication type for the Token Endpoint.
The options are client_secret_post, client_secret_basic,
client_secret_jwt, and private_key_jwt, as described in Section 2.2.1
of OpenID Connect Messages 1.0 [OpenID.Messages]. Other Authentication
methods may be defined by extension. If unspecified or omitted, the
default is client_secret_basic HTTP Basic Authentication Scheme as
specified in section 2.3.1 of OAuth 2.0 [OAuth2.0].
===

About "oic-code+idtoken+token-token" test, because
token_endpoint_auth_type parameter does not include it in a dynamic
registration request, the value is registered as client_secret_basic.
And because a test client sends the access token request using the
client_secret_post format, my OP returns an error.

Will you use authorization Header?

Thanks.

Ryo

-- 
====================
Ryo Ito
Email : ritou.06 at gmail.com
====================
-------------- next part --------------
[{"title":"Ryo's OP","metadata":{"versions":{"oauth":"2.0","openid":"3.0"},"provider":{"supported_response_types":["code","code id_token"],"supported_scopes":["openid","profile","email","address","phone"],"algoritms":["HS256","RS256"],"issuer":"https://openidconnect.info/","dynamic":"https://openidconnect.info/"},"features":{"discovery":true,"registration":true,"sessionmanagement":false},"client":{"auth_type":"client_secret_basic","client_type":"confidential","client_id":"75ae72f3-65ee-4306-b15f-4ae161651964","redirect_uris":["https://localhost/callback1","https://localhost/callback2"],"client_secret":""},"interaction":[{"matches":{"url":"https://openidconnect.info/account/login"},"page-type":"login","control":{"type":"link","path":"/account/fake"}},{"matches":{"url":"https://openidconnect.info/connect/consent"},"page-type":"user-consent","control":{"index":0,"type":"form","set":{}}}]},"results":{"mj-27":{"lastRun":1332405333346,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-32":{"lastRun":1332405339371,"results":[0,1,0,1,1,1,1,1,1,1],"status":1},"mj-33":{"lastRun":1332405343821,"results":[0,1,0,1,1],"status":1},"mj-30":{"lastRun":1332405357972,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-31":{"lastRun":1332405363966,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-36":{"lastRun":1332405369607,"results":[0,1,0,1,1,1,4],"status":4},"mj-35":{"lastRun":1332405375279,"results":[0,1,0,1,1,4],"status":4},"mj-26":{"lastRun":1332405389481,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-09":{"lastRun":1332405403410,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-08":{"lastRun":1332405417379,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-07":{"lastRun":1332405429828,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"oic-code+idtoken+token-token":{"lastRun":1332405443682,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-06":{"lastRun":1332405456356,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"oic-idtoken+token-check_id":{"lastRun":1332405470209,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1],"status":1},"mj-05":{"lastRun":1332405482767,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"oic-code+idtoken-token":{"lastRun":1332405496639,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-04":{"lastRun":1332405509272,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"mj-03":{"lastRun":1332405522043,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"mj-02":{"lastRun":1332405535068,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"mj-01":{"lastRun":1332405547664,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1},"mj-00":{"lastRun":1332405552066,"results":[0,1,0,1,1],"status":1},"oic-code+idtoken-check_id":{"lastRun":1332405566249,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"mj-34":{"lastRun":1332405570728,"results":[0,4],"status":4},"mj-18":{"lastRun":1332405585032,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-19":{"lastRun":1332405591008,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-10":{"lastRun":1332405605178,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-11":{"lastRun":1332405619047,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-12":{"lastRun":1332405633075,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-13":{"lastRun":1332405646910,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-14":{"lastRun":1332405660848,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-15":{"lastRun":1332405674757,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-16":{"lastRun":1332405688615,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-17":{"lastRun":1332405702528,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"oic-code+idtoken+token-check_id":{"lastRun":1332405716453,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"oic-code-token":{"lastRun":1332405730401,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"oic-idtoken+token-userinfo":{"lastRun":1332405744388,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"oic-code+token-token":{"lastRun":1332405758278,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"oic-code+idtoken+token-userinfo":{"lastRun":1332405772295,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"oic-code+token-userinfo":{"lastRun":1332405786260,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"oic-token-userinfo_bb":{"lastRun":1332405800185,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"oic-token-userinfo":{"lastRun":1332405813998,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],"status":1},"mj-21":{"lastRun":1332405819911,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-20":{"lastRun":1332405825845,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-23":{"lastRun":1332405832209,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-22":{"lastRun":1332405838115,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-25a":{"lastRun":1332405852337,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-24":{"lastRun":1332405858292,"results":[0,1,0,1,1,1,1,4],"status":4},"mj-25b":{"lastRun":1332405872594,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-29":{"lastRun":1332405886548,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1,4],"status":4},"mj-28":{"lastRun":1332405892411,"results":[0,1,0,1,1,1,1],"status":1},"oic-verify":{"lastRun":1332405905011,"results":[0,1,0,1,1,1,1,1,1,1,1,1,1,1],"status":1}},"id":"92CF849C-C5DF-4331-B7C2-0791E8012BAB"},{"metadata":{"versions":{"oauth":"2.0","openid":"3.0"},"provider":{"supported_response_types":["code","code id_token"],"supported_scopes":["openid"],"algoritms":["HS256"],"issuer":""},"features":{"discovery":false,"registration":false,"sessionmanagement":false},"client":{"auth_type":"client_secret_basic","client_type":"confidential","client_id":"34576ef1-c05d-41c5-9d22-68082467a0ed","redirect_uris":["https://localhost/callback1","https://localhost/callback2"],"client_secret":""}},"results":{},"id":"BCB72F76-C6C0-4CA9-8F36-F76BC70D8935"}]


More information about the Openid-specs-ab mailing list