- From: Aaron Coburn <acoburn@apache.org>
- Date: Mon, 12 Oct 2020 14:13:42 -0400
- To: Angelo Veltens <angelo.veltens@online.de>
- Cc: public-solid <public-solid@w3.org>
- Message-ID: <CAD4uyLfpqymy7-3H9xU7TGNzLbK99djPezZbkLMjRrgTJchMtw@mail.gmail.com>
On Mon, 12 Oct 2020 at 12:33, Angelo Veltens <angelo.veltens@online.de> wrote: > NSS actually returns token_type "Bearer". Seams to be a Bug then? > Yes, it would probably be best to create an issue or submit a PR on the associated code repository, e.g.: https://github.com/solid/oidc-op/blob/master/src/DpopAccessToken.js#L132 Best, Aaron > Kind regards > Angelo > Am 11.10.20 um 16:52 schrieb Aaron Coburn: > > Right, of course: > > { > ... , > "token_type": "DPoP", > ... > } > > > > On Sun, 11 Oct 2020 at 10:29, divoplade <d@divoplade.fr> wrote: > >> Hello Aaron, >> >> Le dimanche 11 octobre 2020 à 10:02 -0400, Aaron Coburn a écrit : >> > Returning two (or more) tokens is a standard part of OIDC. You can >> > read about it at >> > https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse >> >> Thank you for this pointer. I realize that the response is not provided >> by redirection for the token endpoint, which makes a lot of sense. >> >> > { >> > "access_token": "<DPoP-bound Access Token as JWT>", >> > "token_type": "Bearer", >> > "refresh_token": "<Refresh Token>", >> > "expires_in": 3600, >> > "id_token": "<ID Token as JWT>" >> > } >> >> Should the token_type not be "DPoP" instead of "Bearer", as prescribed >> by DPoP? >> >>
Received on Monday, 12 October 2020 18:14:07 UTC