Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Further clarify redirect_uri shape with direct_post responses #272

Open
breynders-cb opened this issue Sep 27, 2024 · 1 comment · May be fixed by #273
Open

Further clarify redirect_uri shape with direct_post responses #272

breynders-cb opened this issue Sep 27, 2024 · 1 comment · May be fixed by #273
Assignees
@jogu
Labels
has-PR

Comments

@breynders-cb
Copy link

During a hackathon around UC5 Potential we came across interoperability issues due to a slight misinterpretation of Section 6.2, particularly:

The following new parameter is defined for use in the response from the endpoint: redirect_uri

combined with

The following is a non-normative example of the response from the Verifier to the Wallet upon receiving the Authorization Response at the Response Endpoint (using a response_code parameter from Section 11.5):

HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store

{
"redirect_uri": "https://client.example.org/cb#response_code=091535f699ea575c7937fa5f0f454aee"
}`

Other than the "non-normative example", it was never clearly stated that the redirect_uri will return in the response body as a JSON object and there were interpretations that used location headers instead.

I think stating that the response body is supposed to be a JSON object with just 1 field (redirect_uri) is enough to make it 100% clear.
jogu added a commit that referenced this issue Sep 27, 2024
@jogu
Clarify that direct_post endpoint response is JSON.
cdd76ce 
closes #272
jogu added a commit that referenced this issue Sep 27, 2024
@jogu
Clarify that direct_post endpoint response is JSON.
900db5d 
closes #272
jogu added a commit that referenced this issue Sep 27, 2024
@jogu
Clarify that direct_post endpoint response is JSON.
1269e77 
For completeness also clarify that unknown parameters must be ignored
as we've recently done elsewhere.

closes #272
@jogu jogu linked a pull request Sep 27, 2024 that will close this issue
Open
@jogu jogu self-assigned this Sep 27, 2024
@jogu jogu added the has-PR label Sep 27, 2024
@jogu
Copy link
Collaborator

jogu commented Sep 27, 2024

Good information, thanks! I've tried to resolve here: #273

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jogu jogu

Labels
has-PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Clarify that direct_post endpoint response is JSON. openid/OpenID4VP
2 participants
@jogu @breynders-cb