[Openid-specs-ab] Issue #116: Tests for returning claims about the user not shown when response_type=id_token (openid/certification)

Michael Jones issues-reply at bitbucket.org
Thu Mar 19 23:20:00 UTC 2015


New issue 116: Tests for returning claims about the user not shown when response_type=id_token
https://bitbucket.org/openid/certification/issue/116/tests-for-returning-claims-about-the-user

Michael Jones:

All the logic about requesting and returning claims about the user applies when response_type=id_token, even though it has no UserInfo Endpoint.  For instance, http://openid.net/specs/openid-connect-core-1_0-final.html#ScopeClaims says this about requesting claims with scope values and returning them in the ID Token:

"However, when no Access Token is issued (which is the case for the response_type value id_token), the resulting Claims are returned in the ID Token."

Please enable all of these missing tests for response_type=id_token:
```
    OP-scope-All
    OP-scope-address
    OP-scope-email
    OP-scope-phone
    OP-scope-profile
    OP-Req-claims_locales
    OP-claims-essential
```

Not that this means that these tests are enabled for ALL response types.  (Interestingly, I would have expected `OP-Req-ui_locales` to be missing, but it's already there.)

Note that if some of the test logic is looking for results from these tests in the UserInfo Endpoint response, **this test logic will need to be updated** to instead look for these results in the ID Token when response_type=id_token.

Responsible: Rohe


More information about the Openid-specs-ab mailing list