OC5:XR-Apache mod oidc-x-Gluu OX

From OSIS Open Source Identity Systems
Jump to: navigation, search

{{#vardefine:DtArticleSortKey|}}

XR-Apache mod auth openidc-x-Gluu OX

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|XR-Apache mod oidc-x-Gluu OX}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:XR-Apache mod auth openidc-x-Gluu OX|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=XResult,from={{#var:page}},namespace=OC5|copy]]  [[Special:Call/DT Articles list XML,type=XResult,title={{#var:page}},namespace=OC5|as XML]]  edit
}}
{{#if:|Cross Solution Result |Cross Solution Result }}   XR-Apache mod auth openidc-x-Gluu OX
Identifier   bgcolor={{{color}}}}}|XR-Apache mod auth openidc-x-Gluu OX
Date Tested   bgcolor={{{color}}}}}|1 September 2014
Outcome (Must be one of:)
* Works
* Issues
* Failed
* N/A
* Not Tested
 
bgcolor={{{color}}}}}|Issues
Tested By   bgcolor={{{color}}}}}|Zandbelt 19:27, 1 September 2014 (UTC)
Solutions Involved   bgcolor={{{color}}}}}|{{#if: Apache mod auth openidc | OC5:Apache mod auth openidc |   }}
  bgcolor={{{color}}}}}|{{#if: Gluu OX | OC5:Gluu OX |   }}
Other Solutions Involved   bgcolor={{{color}}}}}|
Operating System   bgcolor={{{color}}}}}|
Browser   bgcolor={{{color}}}}}|
Notes   bgcolor={{{color}}}}}|1. does not support response_type "token id_token" even though advertised

2. does not encrypt id_token a requested by client (e.g. registered with "id_token_signed_response_alg": "RS256", "id_token_encrypted_response_alg": "A128KW")

3. logout with Session Management draft 21 fails, example:

 https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/end_session?id_token_hint=<valid-idtoken>&post_logout_redirect_uri=<valid-url>

results in:

 {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats a parameter, or is otherwise malformed."}

4. session management does not seem to be supported compliant with draft 21 since "session_id" is returned in the auth response instead of "session_state"

Click here for help populating this chart.

Back To

{{#dpl: namespace = OC5 | linksto = OC5:XR-Apache mod oidc-x-Gluu OX }}