[Openid-specs-mobile-profile] Issue #199: CIBA example needs updating (openid/mobile)
Brian Campbell
issues-reply at bitbucket.org
Fri Mar 12 23:29:02 UTC 2021
New issue 199: CIBA example needs updating
https://bitbucket.org/openid/mobile/issues/199/ciba-example-needs-updating
Brian Campbell:
The example in [https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1\_0.html#rfc.section.7.1](https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#rfc.section.7.1) has a login\_hint\_token that used the format from the Subject Identifiers draft [https://datatracker.ietf.org/doc/html/draft-ietf-secevent-subject-identifiers-04](https://datatracker.ietf.org/doc/html/draft-ietf-secevent-subject-identifiers-04). However, a change to the format was recently introduced [https://mailarchive.ietf.org/arch/msg/id-event/D0F-o\_RSA\_X2wOeWi1upAqMnHY8/](https://mailarchive.ietf.org/arch/msg/id-event/D0F-o_RSA_X2wOeWi1upAqMnHY8/) \(the \`subject\_type\` member has been changed to \`format\`\). The CIBA example should be updated accordingly.
Current snippet from the example:
```
login_hint_token=eyJraWQiOiJsdGFjZXNidyIsImFsZyI6IkVTMjU2In0.eyJ
zdWJfaWQiOnsic3ViamVjdF90eXBlIjoicGhvbmUiLCJwaG9uZSI6IisxMzMwMjg
xODAwNCJ9fQ.Kk8jcUbHjJAQkRSHyDuFQr3NMEOSJEZc85VfER74tX6J9CuUllr8
9WKUHUR7MA0-mWlptMRRhdgW1ZDt7g1uwQ
```
Decoded payload of the token:
```
{
"sub_id": {
"subject_type": "phone",
"phone": "+13302818004"
}
}
```
AFAICT it should be changed to:
```
{
"sub_id": {
"format": "phone",
"phone": "+13302818004"
}
}
```
More information about the Openid-specs-mobile-profile
mailing list