[Openid-specs-ab] Generating salt value in OpenID Connect SessionMangement

Hasanthi Purnima Dissanayake hasanthi at wso2.com
Wed Jun 10 09:21:05 UTC 2015


Hi Nat,
Thanks for the response. I am using [1]. In the section[2] it is generating a
salt value by splitting the session_state value that sent by the RP iframe.
Please provide feedback on above mentioned approach.

[1] :https://openid.net/specs/openid-connect-session-1_0.html
[2] :https://openid.net/specs/openid-connect-session-1_0.html#OPiframe

Thanks and regards,

Hasanthi Dissanayake

Software Engineer | WSO2

E: hasanthi at wso2.com <niroshika at wso2.com>
M :0718407133| http://wso2.com <http://wso2.com/>

On Thu, Jun 4, 2015 at 1:49 PM, Nat Sakimura <n-sakimura at nri.co.jp> wrote:

>   Which section are you talking about?
>
> Nat
>
>   *From:* Hasanthi Purnima Dissanayake <hasanthi at wso2.com>
> *Sent:* Tuesday, May 26, 2015 12:24 PM
> *To:* openid-specs-ab at lists.openid.net
> *Subject:* [Openid-specs-ab] Generating salt value in OpenID Connect
> SessionMangement
>   Hi team,
> I'm working with spec [1] and according to the it the OP iframe is
> generating a salt value by splitting the session_state value that sent by
> the RP iframe. So we should send a salt value from RP to OP. So what I'm
> going to do is sending the mes variable from RP to OP with following format
> as ;
>
> var mes = CryptoJS.SHA256(client_id + origin + opss + salt) + "." + salt;
>
> instead of
> var mes = client_id + " " + session_state; which is mentioned in the spec.
>
> Please advice me on this.
>
> Thanks and Regards,
>
> Hasanthi Dissanayake
>
> Software Engineer | WSO2
>
> E: mailto:niroshika at wso2.com <niroshika at wso2.com>
> M :0718407133| http://wso2.com <http://wso2.com/>
>
> ------------------------------
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150610/4634c8e0/attachment.html>


More information about the Openid-specs-ab mailing list