[Openid-specs-ab] Issue #891: New core: unnecessary sentence in 2.3.2.1 (openid/connect)

Nat Sakimura sakimura at gmail.com
Mon Oct 21 16:01:31 UTC 2013


If that is the case, the sentence should read like "No access token is
returned when the value is code id_token from the Authorization Endpoint."
The access token is returned from the token endpoint in that case.

The entire "Hybrid Flow" chapter is new, and may need more careful read.
In Messages and Standard, there was nothing called "Hybrid Flow". It was,
in a way, combined with other flows.

Since most of the clauses are actually just pointing to the corresponding
sections in the implicit flow, we may as well combine them.
Only the additional things needed would be the code and the c_hash handling
and the response from the Token endpoint when the response_type includes
'code'.

Cheers,

Nat




2013/10/22 George Fletcher <gffletch at aol.com>

>  I had the same thought... but then also wondered if it was supposed to
> be "No Access Token is returned when the value is 'code id_token'" as that
> is one of the allowed response_types and in this case an Access Token would
> not be returned.
>
> Thanks,
> George
>
>  On 10/21/13 3:16 AM, nov wrote:
>
> New issue 891: New core: unnecessary sentence in 2.3.2.1https://bitbucket.org/openid/connect/issue/891/new-core-unnecessary-sentence-in-2321
>
> nov:
>
> "No Access Token is returned when the value is 'id_token'"
>
> This sentence shouldnt be needed, since response_type=id_token isn't in the scope of this section.
>
>
> _______________________________________________
> Openid-specs-ab mailing listOpenid-specs-ab at lists.openid.nethttp://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
> --
> [image: George Fletcher] <http://connect.me/gffletch>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>


-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131022/5f2d821f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: XeC
Type: image/png
Size: 78938 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131022/5f2d821f/attachment-0001.png>


More information about the Openid-specs-ab mailing list