Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

client_uri should be a property on SIOP Request, not .registration #24

Closed
jmandel opened this issue Jan 12, 2021 · 7 comments
Closed

client_uri should be a property on SIOP Request, not .registration #24

jmandel opened this issue Jan 12, 2021 · 7 comments
Assignees
@jmandel

Comments

@jmandel
Copy link
Member

jmandel commented Jan 12, 2021

client_uri should be not in registration but an optional parameter directly in the request?

image

client_uri should move up to be a sibling
@madaster97
Copy link

Having trouble accessing the Openid Spec for Dynamic client registration, but the OAuth RFC I think it's based on has "client_uri" in the metadata.

@p2-apple
Copy link
Collaborator

Having trouble accessing the Openid Spec for Dynamic client registration, but the OAuth RFC I think it's based on has "client_uri" in the metadata.

Yes, just like e.g. scope and responseType, so I think this move makes sense.

jmandel added a commit that referenced this issue Jan 21, 2021
@jmandel
Merge pull request #37 from smart-on-fhir/fix-24
8f5a383 
Fix #24 by moving client_uri to a top-level request param
@jmandel jmandel mentioned this issue Jan 21, 2021
Closed
@jmandel
Copy link
Member Author

jmandel commented Jan 21, 2021

Uh, now that I got around to implementing this, I'm not so sure it's correct :-)

I'll follow up.

@jmandel jmandel reopened this Jan 21, 2021
@jmandel jmandel self-assigned this Jan 21, 2021
@madaster97
Copy link

@p2-apple scope and responseType are not part of the Metadata definition. That's why they aren't in the registration object.

Those two fields are specific to a given request, and not generically to a given client. Note, response_types is part of the metadata definition, and on any given request the responseType chosen should be present in that array.

@jmandel
Copy link
Member Author

jmandel commented Jan 21, 2021

Agreed @madaster97. I'm double checking with the person who initially raised this issue to make sure I'm not missing anything, but my reading matches yours.

@p2-apple
Copy link
Collaborator

I was comparing it with the OAuth2 metadata keys, but right, client_uri has a different meaning there. From an OID perspective it actually seems to make sense to keep it in registration, thanks for the close reading @madaster97 !

jmandel added a commit that referenced this issue Jan 22, 2021
@jmandel
Revert fix for mistaken issue #24
72e504d 
This reverts commit 8f5a383, reversing
changes made to d0619a8.
@jmandel
Copy link
Member Author

jmandel commented Jan 22, 2021

Thanks -- I've reverted the fix and will close this out.

@jmandel jmandel closed this as completed Jan 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jmandel jmandel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jmandel @p2-apple @madaster97