FAPI 1.0 Non Normative Examples #458
We note that https://datatracker.ietf.org/doc/html/rfc9126#section-3 is the appropriate section in PAR that describes the use of the request object. The first paragraph in section 3 indicates that the only permitted parameters outside of the JWT request parameter are ' The example in section 3 is a continuation of the example from section 2.1. Section 4 has an example of an authorisation request to the authorisation endpoint.
In follow up to this change request, it is intended that the following sections are updated to include FAPI 1.0 compliant non-normative examples:
This will illustrate support and use of:
These examples will be included in addition to the existing non-normative examples with labels to clearly indicate what are pre-FAPI 1.0 of OIDC Hybrid Code Flow examples versus FAPI 1.0 compliant examples using the Authorisation Code Flow. These non-normative examples will include the Authorisation Server publishing supported metadata parameters via their well known OpenID discovery document, client registration and negotiation as well as authorisation and token endpoint calls.
A sequence diagram illustrating the orchestrated flow is presented below.
This will be discussed in the maintenance iteration call held at 2pm AEST 06/04/2022. Non-normative examples will be published after discussion of the flow and additional considerations.
Further considerations
This issue was discussed in the Maintenance Iteration 11 call. It was agreed to carry this change request into maintenance iteration 11.
Issue #522 has been raised to deal with the registration of required OIDD metadata parameters for JARM, PAR and PKCE.
Based on the discussion in Maintenance Iteration 11 the sequence diagram has been updated. A separate change request will be raised to consider the requirements for response encryption using JARM. An OIDF issue has already been raised in relation to this.
We view the below as necessary points to resolve in order to enable FAPI 1 phase 3 implementations:
Description
Review and update of the non-normative examples in line with FAPI 1.0 transition.
Area Affected
Security profile > security end-points
Change Proposed
Proposing for review and update of the non normative examples for the security end points in line with FAPI 1.0 transition phases. More specifically:
DSB Proposed Solution
The current DSB proposal for this issue is in this comment.