- From: Aaron Coburn <acoburn@apache.org>
- Date: Mon, 12 Oct 2020 14:13:42 -0400
- To: Angelo Veltens <angelo.veltens@online.de>
- Cc: public-solid <public-solid@w3.org>
- Message-ID: <CAD4uyLfpqymy7-3H9xU7TGNzLbK99djPezZbkLMjRrgTJchMtw@mail.gmail.com>
On Mon, 12 Oct 2020 at 12:33, Angelo Veltens <angelo.veltens@online.de>
wrote:
> NSS actually returns token_type "Bearer". Seams to be a Bug then?
>
Yes, it would probably be best to create an issue or submit a PR on the
associated code repository, e.g.:
https://github.com/solid/oidc-op/blob/master/src/DpopAccessToken.js#L132
Best, Aaron
> Kind regards
> Angelo
> Am 11.10.20 um 16:52 schrieb Aaron Coburn:
>
> Right, of course:
>
> {
> ... ,
> "token_type": "DPoP",
> ...
> }
>
>
>
> On Sun, 11 Oct 2020 at 10:29, divoplade <d@divoplade.fr> wrote:
>
>> Hello Aaron,
>>
>> Le dimanche 11 octobre 2020 à 10:02 -0400, Aaron Coburn a écrit :
>> > Returning two (or more) tokens is a standard part of OIDC. You can
>> > read about it at
>> > https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse
>>
>> Thank you for this pointer. I realize that the response is not provided
>> by redirection for the token endpoint, which makes a lot of sense.
>>
>> > {
>> > "access_token": "<DPoP-bound Access Token as JWT>",
>> > "token_type": "Bearer",
>> > "refresh_token": "<Refresh Token>",
>> > "expires_in": 3600,
>> > "id_token": "<ID Token as JWT>"
>> > }
>>
>> Should the token_type not be "DPoP" instead of "Bearer", as prescribed
>> by DPoP?
>>
>>
Received on Monday, 12 October 2020 18:14:07 UTC