Support OAuth 2.0 Authorization Server Issuer Identification as per RFC9207

Basics

Logistics

Basics

Logistics

Description

Support OAuth 2.0 Authorization Server Issuer Identification as per RFC9207

So that the OP can declare authorization_response_iss_parameter_supported claim within the OP metadata

Environment

None

Activity

Show:

Simone AvogadroJune 15, 2022 at 3:36 PM

I can confirm that this works in our use-case (as of commit 5339799372d39eed5a356ee1b351cac0b576614f)

Henri MikkonenJune 10, 2022 at 10:05 AM

Updated the profile-specific configuration table at https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376879266/OPAuthorization

Henri MikkonenMay 20, 2022 at 1:57 PM

Added a new profile configuration parameter includeIssuerInResponse to the OIDC.SSO configuration. It's wired to the SWF actions that build the authentication responses (both success and error).

Default value is set to false.

Simone AvogadroApril 22, 2022 at 10:15 AM

Additionally: our target is the Authorization Code Flow with PKCE

Completed

Details
Assignee
Henri Mikkonen
Reporter
Simone Avogadro
Components
Fix versions
3.2.0

Created April 22, 2022 at 10:14 AM

Updated June 15, 2022 at 3:36 PM

Resolved June 10, 2022 at 10:05 AM

Support OAuth 2.0 Authorization Server Issuer Identification as per RFC9207

Description

Environment

Activity

Simone AvogadroJune 15, 2022 at 3:36 PM

Henri MikkonenJune 10, 2022 at 10:05 AM

Henri MikkonenMay 20, 2022 at 1:57 PM

Simone AvogadroApril 22, 2022 at 10:15 AM

DetailsAssigneeHenri MikkonenHenri MikkonenReporterSimone AvogadroSimone AvogadroComponentsFix versions3.2.0

Details

Assignee

Reporter

Components

Fix versions

Details
Assignee
Henri Mikkonen
Reporter
Simone Avogadro
Components
Fix versions
3.2.0