[Openid-specs-ab] Generating salt value in OpenID Connect SessionMangement
Hasanthi Purnima Dissanayake
hasanthi at wso2.com
Wed Jun 10 09:21:05 UTC 2015
Thanks for the response. I am using . In the section it is generating a
salt value by splitting the session_state value that sent by the RP iframe.
Please provide feedback on above mentioned approach.
Thanks and regards,
Software Engineer | WSO2
E: hasanthi at wso2.com <niroshika at wso2.com>
M :0718407133| http://wso2.com <http://wso2.com/>
On Thu, Jun 4, 2015 at 1:49 PM, Nat Sakimura <n-sakimura at nri.co.jp> wrote:
> Which section are you talking about?
> *From:* Hasanthi Purnima Dissanayake <hasanthi at wso2.com>
> *Sent:* Tuesday, May 26, 2015 12:24 PM
> *To:* openid-specs-ab at lists.openid.net
> *Subject:* [Openid-specs-ab] Generating salt value in OpenID Connect
> Hi team,
> I'm working with spec  and according to the it the OP iframe is
> generating a salt value by splitting the session_state value that sent by
> the RP iframe. So we should send a salt value from RP to OP. So what I'm
> going to do is sending the mes variable from RP to OP with following format
> as ;
> var mes = CryptoJS.SHA256(client_id + origin + opss + salt) + "." + salt;
> instead of
> var mes = client_id + " " + session_state; which is mentioned in the spec.
> Please advice me on this.
> Thanks and Regards,
> Hasanthi Dissanayake
> Software Engineer | WSO2
> E: mailto:niroshika at wso2.com <niroshika at wso2.com>
> M :0718407133| http://wso2.com <http://wso2.com/>
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab