Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-auth-server): Support OAuth 2.0 Step-up Authentication Challenge Protocol (draft) #2589

Closed
nynymike opened this issue Oct 11, 2022 · 1 comment · Fixed by #3885 or #3887
Closed

feat(jans-auth-server): Support OAuth 2.0 Step-up Authentication Challenge Protocol (draft) #2589

nynymike opened this issue Oct 11, 2022 · 1 comment · Fixed by #3885 or #3887
Assignees
@yuriyz
Labels
comp-jans-auth-server Component affected by issue or PR enhancement kind-feature Issue or PR is a new feature request
Milestone
1.0.7

Comments

@nynymike
Copy link
Contributor

OAuth 2.0 Step-up Authentication Challenge Protocol

It is not uncommon for resource servers to require different
   authentication strengths or freshness according to the
   characteristics of a request.  This document introduces a mechanism
   for a resource server to signal to a client that the authentication
   event associated with the access token of the current request doesn't
   meet its authentication requirements and specify how to meet them.
   This document also codifies a mechanism for a client to request that
   an authorization server achieve a specific authentication strength or
   freshness when processing an authorization request.
@moabu moabu changed the title New OAuth Error Response Code for Stepped-up Authn feat(jans-auth-server): new OAuth Error Response Code for Stepped-up Authn Oct 12, 2022
@moabu moabu assigned yuriyz and unassigned moabu Oct 12, 2022
@mo-auto mo-auto added comp-jans-auth-server Component affected by issue or PR kind-feature Issue or PR is a new feature request labels Oct 12, 2022
@nynymike nynymike assigned qbert2k and unassigned yuriyz Oct 17, 2022
@moabu moabu added this to the 1.0.4 milestone Nov 3, 2022
@moabu moabu modified the milestones: 1.0.4, 1.0.5 Nov 14, 2022
@moabu moabu modified the milestones: 1.0.5, 1.0.6 Dec 1, 2022
@ossdhaval ossdhaval assigned yuriyz and unassigned qbert2k Dec 20, 2022
@moabu moabu modified the milestones: 1.0.6, 1.0.7 Jan 9, 2023
@nynymike nynymike changed the title feat(jans-auth-server): new OAuth Error Response Code for Stepped-up Authn feat(jans-auth-server): Support OAuth 2.0 Step-up Authentication Challenge Protocol (draft) Feb 14, 2023
yuriyz added a commit that referenced this issue Feb 20, 2023
@yuriyz
feat(jans-auth-server): OAuth 2.0 Step-up - added acr and auth_time t…
665c3a6 
…o introspection response #2589
@yuriyz yuriyz mentioned this issue Feb 20, 2023
Merged
yuriyz added a commit that referenced this issue Feb 20, 2023
@yuriyz
feat(jans-auth-server): OAuth 2.0 Step-up - added acr and auth_time t…
a325998 
…o introspection response #2589 (#3885)
yuriyz added a commit that referenced this issue Feb 20, 2023
@yuriyz
feat(jans-auth-server): OAuth 2.0 Step-up - added acr and auth_time t…
545d39e 
…o access_token JWT #2589
@yuriyz yuriyz mentioned this issue Feb 20, 2023
Merged
yuriyz added a commit that referenced this issue Feb 20, 2023
@yuriyz
feat(jans-auth-server): OAuth 2.0 Step-up - added acr and auth_time #…
2bd7a67 
…2589 (#3887)

* feat(jans-auth-server): OAuth 2.0 Step-up - added acr and auth_time to introspection response #2589

* feat(jans-auth-server): OAuth 2.0 Step-up - added acr and auth_time to access_token JWT #2589
@yuriyz
Copy link
Contributor

yuriyz commented Feb 20, 2023

Added "auth_time" and "acr" claims described by spec to introspection response and to access_token as JWT. AS identifies acr change and redirects to right authn script for re-authentication, in this way forcing step-up.

@mo-auto3 mo-auto3 mentioned this issue Feb 22, 2023
Merged
@mo-auto mo-auto mentioned this issue Feb 22, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuriyz yuriyz

Labels
comp-jans-auth-server Component affected by issue or PR enhancement kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
1.0.7
5 participants
@yuriyz @qbert2k @nynymike @moabu @mo-auto