Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add url of the "https://.../.well-known/openid-configuration." #83

Closed
daisukenishino opened this issue Jul 31, 2018 · 2 comments
Closed

Add url of the "https://.../.well-known/openid-configuration." #83

daisukenishino opened this issue Jul 31, 2018 · 2 comments
Labels
enhancement New feature or request
Milestone
Release of 01-20 ...

Comments

@daisukenishino
Copy link
Contributor

daisukenishino commented Jul 31, 2018
edited by daisukenishino2
Loading

Requirement
@daisukenishino daisukenishino added the enhancement New feature or request label Jul 31, 2018
@daisukenishino2
Copy link
Member

daisukenishino2 commented Aug 14, 2018
edited
Loading

Example

HTTP/1.1 200 OK
Content-Type: application/json

{
 "issuer":
   "https://server.example.com",
 "authorization_endpoint":
   "https://server.example.com/authorize",
 "token_endpoint":
   "https://server.example.com/token",
 "token_endpoint_auth_methods_supported":
   ["client_secret_basic", "private_key_jwt"],
 "token_endpoint_auth_signing_alg_values_supported":
   ["RS256", "ES256"],
 "userinfo_endpoint":
   "https://server.example.com/userinfo",
 "jwks_uri":
   "https://server.example.com/jwks.json",
 "registration_endpoint":
   "https://server.example.com/register",
 "scopes_supported":
   ["openid", "profile", "email", "address",
    "phone", "offline_access"],
 "response_types_supported":
   ["code", "code token"],
 "service_documentation":
   "http://server.example.com/service_documentation.html",
 "ui_locales_supported":
   ["en-US", "en-GB", "en-CA", "fr-FR", "fr-CA"]
}
HTTP/1.1 200 OK
Content-Type: application/json

{
  "issuer":"https://adfs.example.com/adfs",
  "authorization_endpoint":"https://adfs.example.com/adfs/oauth2/authorize/",
  "token_endpoint":"https://adfs.example.com/adfs/oauth2/token/",
  "jwks_uri":"https://adfs.example.com/adfs/discovery/keys",
  "token_endpoint_auth_methods_supported":
  [
    "client_secret_post",
    "client_secret_basic",
    "private_key_jwt",
    "windows_client_authentication"
  ],
  "response_types_supported":
  [
    "code",
    "id_token",
    "code id_token",
    "token id_token"
  ],
  "response_modes_supported":
  [
    "query",
    "fragment",
    "form_post"
  ],
    "grant_types_supported":
  [
    "authorization_code",
    "refresh_token",
    "client_credentials",
    "urn:ietf:params:oauth:grant-type:jwt-bearer",
    "implicit",
    "password",
    "srv_challenge"
  ],
  "subject_types_supported":
  [
    "pairwise"
  ],
  "scopes_supported":
  [
    "openid",
    "profile",
    "email",
    "logon_cert",
    "aza",
    "vpn_cert",
    "user_impersonation"
  ],
  "id_token_signing_alg_values_supported":
  [
    "RS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported":
  [
    "RS256"
  ],
  "access_token_issuer":"http://adfs.example.com/adfs/services/trust",
  "claims_supported":
  [
    "aud",
    "iss",
    "iat",
    "exp",
    "auth_time",
    "nonce",
    "at_hash",
    "c_hash",
    "sub",
    "upn",
    "unique_name",
    "pwd_url",
    "pwd_exp"
  ],
  "microsoft_multi_refresh_token":true,
  "userinfo_endpoint":"https://adfs.example.com/adfs/userinfo"
}

Else

@daisukenishino2
Copy link
Member

daisukenishino2 commented Aug 14, 2018
edited
Loading

Specification in this product

HTTP/1.1 200 OK
Content-Type: application/json

{
  "issuer":"OAuthIssuerIdの値",
  "access_token_issuer":"OAuthIssuerIdの値",
  "authorization_endpoint": ["OAuthAuthorizeEndpointの値", "OAuthAuthorizeEndpoint2の値"],
  "token_endpoint": ["OAuthBearerTokenEndpointの値", "OAuthBearerTokenEndpoint2の値"],
  "userinfo_endpoint":"OAuthGetUserClaimsWebAPIの値",
  "token_endpoint_auth_methods_supported":
  [
    "client_secret_basic",
    "private_key_jwt"
  ],
  "response_types_supported":
  [
    "code",
    "token",
    "id_token token",
    "code token"
    "code id_token",
    "code id_token token"
  ],
  "response_modes_supported":
  [
    "query",
    "form_post"
  ],
  "grant_types_supported":
  [
    "authorization_code",
    "implicit",
    "password",
    "client_credentials",
    "refresh_token",
    "urn:ietf:params:oauth:grant-type:jwt-bearer"
  ],
  "subject_types_supported":
  [
    "pairwise"
  ],
  "scopes_supported":
  [
    "auth",
    "openid",
    "profile",
    "email",
    "phone",
    "address",
    "userid",
    "roles"
  ],
  "token_endpoint_auth_signing_alg_values_supported":
  [
    "RS256"
  ],
  "id_token_signing_alg_values_supported":
  [
    "RS256"
  ],
  "claims_supported":
  [
    "iss",
    "aud",
    "nonce",
    "sub",
    "iat",
    "exp",
    "nbf",
    "iat",
    "jti",
    "at_hash",
    "c_hash"
  ],
  "revocation_endpoint":"OAuthRevokeTokenWebAPIの値",
  "revocation_endpoint_auth_methods_supported":
  [
    "client_secret_basic"
  ],
  "introspection_endpoint":"OAuthIntrospectTokenWebAPIの値",
  "introspection_endpoint_auth_methods_supported":
  [
    "none"
  ],
  "code_challenge_methods_supported":
  [
    "plain",
    "S256"
  ],
  "jwks_uri":"https://fqdn/jwks.json", // config化
  "service_documentation":"・・・"
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
Release of 01-20 version
Development

No branches or pull requests
2 participants
@daisukenishino @daisukenishino2