[Openid-specs-mobile-profile] Issue #199: CIBA example needs updating (openid/mobile)

Brian Campbell issues-reply at bitbucket.org
Fri Mar 12 23:29:02 UTC 2021


New issue 199: CIBA example needs updating
https://bitbucket.org/openid/mobile/issues/199/ciba-example-needs-updating

Brian Campbell:

The example in [https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1\_0.html#rfc.section.7.1](https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#rfc.section.7.1) has a login\_hint\_token that used the format from the Subject Identifiers draft [https://datatracker.ietf.org/doc/html/draft-ietf-secevent-subject-identifiers-04](https://datatracker.ietf.org/doc/html/draft-ietf-secevent-subject-identifiers-04). However, a change to the format was recently introduced [https://mailarchive.ietf.org/arch/msg/id-event/D0F-o\_RSA\_X2wOeWi1upAqMnHY8/](https://mailarchive.ietf.org/arch/msg/id-event/D0F-o_RSA_X2wOeWi1upAqMnHY8/) \(the \`subject\_type\` member has been changed to \`format\`\). The CIBA example should be updated accordingly.

Current snippet from the example:

```
   login_hint_token=eyJraWQiOiJsdGFjZXNidyIsImFsZyI6IkVTMjU2In0.eyJ
   zdWJfaWQiOnsic3ViamVjdF90eXBlIjoicGhvbmUiLCJwaG9uZSI6IisxMzMwMjg
   xODAwNCJ9fQ.Kk8jcUbHjJAQkRSHyDuFQr3NMEOSJEZc85VfER74tX6J9CuUllr8
   9WKUHUR7MA0-mWlptMRRhdgW1ZDt7g1uwQ
```

Decoded payload of the token:

```
{
  "sub_id": {
    "subject_type": "phone",
    "phone": "+13302818004"
  }
}
```

AFAICT it should be changed to:

```
{
  "sub_id": {
    "format": "phone",
    "phone": "+13302818004"
  }
}
```

‌

‌

‌

 

‌




More information about the Openid-specs-mobile-profile mailing list