On Fri, Sep 15, 2017 at 2:47 PM, Hasini Witharana <[email protected]> wrote:
> Hi, > > In OIDC dynamic client registration, in the request header we need to send > an already existing user and the password to register a client in WSO2 > Identity server.In OIDC specification[1], It is not mandatory to send user > details to register a client. > > When running the OIDC test suite for dynamic profile, test suite does not > send any user details in the header. So we can't create any client and the > test fails. > > For that issue if any user details are not provided in the registration > request we can assign an anonymous user(*wso2*.*anonymous*.*user*) and > register the client. > IMO correct design should be completely remove the requirement of having a user. If we use *"wso2*.*anonymous*.*user" *some application may have real username and some application may have *"wso2*.*anonymous*.*user" *which end up with inconsistency. Also need to think about creating a role per service provider if any user doesn't have that role. > > [1] - https://openid.net/specs/openid-connect-registration-1_0.html > > -- > > *Hasini Witharana* > Software Engineering Intern | WSO2 > > > *Email : [email protected] <[email protected]>* > > *Mobile : +94713850143 <+94%2071%20385%200143>[image: > http://wso2.com/signature] <http://wso2.com/signature>* > > -- > You received this message because you are subscribed to the Google Groups > "WSO2 Engineering Group" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/a/wso2.com/d/optout. > -- Gayan Gunawardana Senior Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
