Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Add submit_url field to requestToken responses, clarify HS's can send tokens themselves #2101
referenced this pull request
Jun 7, 2019
I haven't done a review for accuracy - that probably needs an identity person. I have done a structural review though.
Because the same information is repeated several times, I stopped pointing out duplicate comments about halfway through - the feedback applies to more than what's pointed out.
Last request: please link to the implementation in the PR description as proof this works in practice.
otherwise lgtm, thanks for suffering my nitpicking editor hat. I would recommend a checkmark from an identity person, but I believe this accurately represents the proposal and implementation.