Thank you Sagara for the response. Yes, as you mentioned it means logical to use the server error response. will proceed with that.
Thanks, On Tue, Jul 4, 2017 at 7:08 PM, Sagara Gunathunga <sag...@wso2.com> wrote: > > > On Tue, Jul 4, 2017 at 6:54 PM, Denuwanthi De Silva <denuwan...@wso2.com> > wrote: > >> Hi, >> >> In OIDC spec,following claims are mentioned as mandatory. >> -iss >> -sub >> -aud >> -exp >> -iat >> >> Currently as mentioned in jira [1], it is possible to write custom OAuth2 >> grant type which returns IDToken without "sub" claim. >> >> When we handle this scenario, there is a small concern >> that need to be clarified. >> >> -When analyze the spec we could not find any instance where it mentioned >> the error message to display in such a scenario. >> In that case, shall we come up with *new error message*? >> {"error_description":"custom description.","error":"custom_error"} >> >> - or throw a server exception and send the standard *server error* >> message ? >> ex: >> {"error_description":"Internal Server Error.","error":"server_error"} >> > > IMO what happen here is, server can not generate valid IDToken. "Internal > Server Error " can properly describe this behavior so better to use that > code, returning custom code may cause interoperability issues as well. > > Thanks ! > >> >> >> Appreciate any input on how to proceed with this. >> >> [1]https://wso2.org/jira/browse/IDENTITY-6088 >> [2]http://openid.net/specs/openid-connect-core-1_0.html#IDToken >> >> Thanks, >> -- >> Denuwanthi De Silva >> Senior Software Engineer; >> WSO2 Inc.; http://wso2.com, >> Email: denuwan...@wso2.com >> Blog: https://denuwanthi.wordpress.com/ >> > > > > -- > Sagara Gunathunga > > Associate Director / Architect; WSO2, Inc.; http://wso2.com > V.P Apache Web Services; http://ws.apache.org/ > Linkedin; http://www.linkedin.com/in/ssagara > Blog ; http://ssagara.blogspot.com > > -- Denuwanthi De Silva Senior Software Engineer; WSO2 Inc.; http://wso2.com, Email: denuwan...@wso2.com Blog: https://denuwanthi.wordpress.com/
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev