
<div dir="ltr"><div><div>Hi Nat,<br></div>Thanks for the response. I am using [1]. In the section[2] it is generating <span style="font-family:arial,helvetica,sans-serif">a salt value by splitting the session_state value that sent by the RP iframe. Please provide feedback on above mentioned approach.</span><br><br>[1] :<a href="https://openid.net/specs/openid-connect-session-1_0.html">https://openid.net/specs/openid-connect-session-1_0.html</a><br>[2] :<a href="https://openid.net/specs/openid-connect-session-1_0.html#OPiframe">https://openid.net/specs/openid-connect-session-1_0.html#OPiframe</a><br><br></div>Thanks and regards,<br></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-size:10.0pt;font-family:AdiHaus;color:gray" lang="DE"></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><span style="font-size:10.0pt;font-family:AdiHaus;color:gray" lang="DE"></span><span><span><font color="#888888"><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="color:rgb(102,102,102);font-family:'trebuchet ms',sans-serif">Hasanthi<font color="#888888"> Dissanayake</font></span><br></p><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;vertical-align:baseline"><font color="#666666" face="trebuchet ms, sans-serif">Software Engineer | WSO2</font></span></p><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;vertical-align:baseline"><span style="color:rgb(102,102,102);font-family:'trebuchet ms',sans-serif;line-height:normal">E</span>: <a href="mailto:niroshika@wso2.com" style="font-family:'trebuchet ms',sans-serif;line-height:normal" target="_blank">hasanthi@wso2.com</a><font color="#666666" face="trebuchet ms, sans-serif"><br></font></span></p><font color="#666666" face="trebuchet ms, sans-serif"><span style="background-color:transparent;vertical-align:baseline">M :0718407133|</span><a href="http://wso2.com/" style="color:rgb(17,85,204);text-decoration:none" target="_blank"><span style="background-color:transparent;vertical-align:baseline"> </span><span style="background-color:transparent;text-decoration:underline;vertical-align:baseline">http://wso2.com</span></a><span style="background-color:transparent;vertical-align:baseline"> <br></span></font></font></span></span></div></div></div></div></div></div></div>

<br><div class="gmail_quote">On Thu, Jun 4, 2015 at 1:49 PM, Nat Sakimura <span dir="ltr"><<a href="mailto:n-sakimura@nri.co.jp" target="_blank">n-sakimura@nri.co.jp</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div dir="ltr">

<div dir="ltr">

<div style="FONT-SIZE:12pt;FONT-FAMILY:'Calibri';COLOR:#000000">

<div>Which section are you talking about? </div>

<div> </div>

<div>Nat</div>

<div> </div>

<div style="BORDER-TOP-COLOR:#000000;BORDER-BOTTOM-COLOR:#000000;PADDING-LEFT:5px;MARGIN-LEFT:5px;BORDER-LEFT:#000000 4px solid;BORDER-RIGHT-COLOR:#000000">

<div style="FONT-SIZE:small;TEXT-DECORATION:none;FONT-FAMILY:"Calibri";FONT-WEIGHT:normal;COLOR:#000000;FONT-STYLE:normal;DISPLAY:inline">

<div style="FONT:10pt tahoma">

<div><b>From:</b> <a title="hasanthi@wso2.com" href="mailto:hasanthi@wso2.com" target="_blank">Hasanthi Purnima Dissanayake</a> </div>

<div><b>Sent:</b> Tuesday, May 26, 2015 12:24 PM</div>

<div><b>To:</b> <a title="openid-specs-ab@lists.openid.net" href="mailto:openid-specs-ab@lists.openid.net" target="_blank">openid-specs-ab@lists.openid.net</a> 

</div>

<div><b>Subject:</b> [Openid-specs-ab] Generating salt value in OpenID Connect 

SessionMangement</div></div></div></div>

<div style="BORDER-TOP-COLOR:#000000;BORDER-BOTTOM-COLOR:#000000;PADDING-LEFT:5px;MARGIN-LEFT:5px;BORDER-LEFT:#000000 4px solid;BORDER-RIGHT-COLOR:#000000">

<div style="FONT-SIZE:small;TEXT-DECORATION:none;FONT-FAMILY:"Calibri";FONT-WEIGHT:normal;COLOR:#000000;FONT-STYLE:normal;DISPLAY:inline">

<div dir="ltr"><div><div class="h5">

<div><span style="FONT-FAMILY:arial,helvetica,sans-serif">Hi 

team,<br></span></div>

<div><span style="FONT-FAMILY:arial,helvetica,sans-serif">I'm working with spec 

[1] and according to the it the OP iframe is generating a salt value by 

splitting the session_state value that sent by the RP iframe. So we should send 

a salt value from RP to OP. So what I'm going to do is sending the mes variable 

from RP to OP with following format as ;<br></span></div>

<div><pre><span style="FONT-FAMILY:arial,helvetica,sans-serif"><code>var mes = CryptoJS.SHA256(client_id + origin + opss + salt) + "." + salt;<br></code></span></pre><pre><span style="FONT-FAMILY:arial,helvetica,sans-serif"><code>instead of </code>  <br>var mes = client_id + " " + session_state; which is mentioned in the spec.<br></span></pre><pre><span style="FONT-FAMILY:arial,helvetica,sans-serif">Please advice me on this.</span><br></pre>Thanks 

and Regards,<br></div>

</div></div><div>

<div>

<div>

<div>

<div dir="ltr">

<div>

<div dir="ltr">

<div>

<div dir="ltr"><span style="FONT-SIZE:10pt;FONT-FAMILY:adihaus;COLOR:gray" lang="DE"></span><span style="FONT-SIZE:11pt;FONT-FAMILY:"Calibri","sans-serif";COLOR:rgb(31,73,125)"></span><span style="FONT-SIZE:10pt;FONT-FAMILY:adihaus;COLOR:gray" lang="DE"></span><span><span><font color="#888888"><div><div class="h5">

<p style="MARGIN-BOTTOM:0pt;MARGIN-TOP:0pt;LINE-HEIGHT:1.15" dir="ltr"><span style="FONT-FAMILY:"trebuchet ms",sans-serif;COLOR:rgb(102,102,102)">Hasanthi<font color="#888888"> Dissanayake</font></span><br></p>

<p style="MARGIN-BOTTOM:0pt;MARGIN-TOP:0pt;LINE-HEIGHT:1.15" dir="ltr"><span style="VERTICAL-ALIGN:baseline;BACKGROUND-COLOR:transparent"><font face="trebuchet ms, sans-serif" color="#666666">Software Engineer | 

WSO2</font></span></p>

</div></div><p style="MARGIN-BOTTOM:0pt;MARGIN-TOP:0pt;LINE-HEIGHT:1.15" dir="ltr"><span style="VERTICAL-ALIGN:baseline;BACKGROUND-COLOR:transparent"><span style="FONT-FAMILY:"trebuchet ms",sans-serif;COLOR:rgb(102,102,102);LINE-HEIGHT:normal">E</span>: 

<a style="FONT-FAMILY:"trebuchet ms",sans-serif;LINE-HEIGHT:normal" href="mailto:niroshika@wso2.com" target="_blank">mailto:niroshika@wso2.com</a><font face="trebuchet ms, sans-serif" color="#666666"><br></font></span></p><font face="trebuchet ms, sans-serif" color="#666666"><span style="VERTICAL-ALIGN:baseline;BACKGROUND-COLOR:transparent">M 

:0718407133|</span><a style="TEXT-DECORATION:none;COLOR:rgb(17,85,204)" href="http://wso2.com/" target="_blank"><span style="VERTICAL-ALIGN:baseline;BACKGROUND-COLOR:transparent"> </span><span style="TEXT-DECORATION:underline;VERTICAL-ALIGN:baseline;BACKGROUND-COLOR:transparent">http://wso2.com</span></a><span style="VERTICAL-ALIGN:baseline;BACKGROUND-COLOR:transparent"> 

<br></span></font></font></span></span></div></div></div></div></div></div></div></div></div></div>

<p>

</p><hr>

_______________________________________________<br>Openid-specs-ab mailing 

list<br><a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br><p></p></div></div></div></div></div>

</blockquote></div><br></div>