W3C home > Mailing lists > Public > public-solid@w3.org > October 2020

Re: How does the identity provider return two tokens?

From: Aaron Coburn <acoburn@apache.org>
Date: Mon, 12 Oct 2020 14:13:42 -0400
Message-ID: <CAD4uyLfpqymy7-3H9xU7TGNzLbK99djPezZbkLMjRrgTJchMtw@mail.gmail.com>
To: Angelo Veltens <angelo.veltens@online.de>
Cc: public-solid <public-solid@w3.org>
On Mon, 12 Oct 2020 at 12:33, Angelo Veltens <angelo.veltens@online.de>
wrote:

> NSS actually returns token_type "Bearer". Seams to be a Bug then?
>
Yes, it would probably be best to create an issue or submit a PR on the
associated code repository, e.g.:

https://github.com/solid/oidc-op/blob/master/src/DpopAccessToken.js#L132

Best, Aaron


> Kind regards
> Angelo
> Am 11.10.20 um 16:52 schrieb Aaron Coburn:
>
> Right, of course:
>
> {
>   ... ,
>   "token_type": "DPoP",
>   ...
> }
>
>
>
> On Sun, 11 Oct 2020 at 10:29, divoplade <d@divoplade.fr> wrote:
>
>> Hello Aaron,
>>
>> Le dimanche 11 octobre 2020 à 10:02 -0400, Aaron Coburn a écrit :
>> > Returning two (or more) tokens is a standard part of OIDC. You can
>> > read about it at
>> > https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse
>>
>> Thank you for this pointer. I realize that the response is not provided
>> by redirection for the token endpoint, which makes a lot of sense.
>>
>> > {
>> >    "access_token": "<DPoP-bound Access Token as JWT>",
>> >    "token_type": "Bearer",
>> >    "refresh_token": "<Refresh Token>",
>> >    "expires_in": 3600,
>> >    "id_token": "<ID Token as JWT>"
>> >   }
>>
>> Should the token_type not be "DPoP" instead of "Bearer", as prescribed
>> by DPoP?
>>
>>
Received on Monday, 12 October 2020 18:14:07 UTC

This archive was generated by hypermail 2.4.0 : Monday, 12 October 2020 18:14:09 UTC