On Tue, Apr 10, 2018 at 9:44 AM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote:
> Hi Gayan, > > *Request object * >> >> { >> "iss": "KqpUgGLpJaW5n5_OiAJlSnMiCiIa", >> "aud": "https://localhost:9444/oauth2/token", >> "response_type": "id_token token", >> "client_id": "KqpUgGLpJaW5n5_OiAJlSnMiCiIa", >> "redirect_uri": "http://localhost:8080/playground2/oauth2client", >> "scope": "openid", >> "state": "af0ifjsldkj", >> "nonce": "n-0S6_WzA2Mj", >> "max_age": 86400, >> "claims": { >> "userinfo": { >> "given_name": { >> "essential": true >> } >> }, >> "id_token": { >> "given_name": { >> "essential": true >> }, >> "acr": { >> "values": [ >> "urn:mace:incommon:iap:silver" >> ] >> } >> } >> } >> } >> >> > Can you please provide the full authorization request that you are using. > For your reference I will add a sample request as below. > There you go. https://localhost:9443/oauth2/authorize?response_type=id_token%20token&client_id=KqpUgGLpJaW5n5_OiAJlSnMiCiIa&redirect_uri=http://localhost:8080/playground2/oauth2client&scope=openid&state=af0ifjsldkj&nonce=n-0S6_WzA2Mj&request=eyJhbGciOiJSUzI1NiIsImtpZCI6ImsyYmRjIn0.eyJpc3MiOiJLcXBVZ0dMcEphVzVuNV9PaUFKbFNuTWlDaUlhIiwiYXVkIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6OTQ0NC9vYXV0aDIvdG9rZW4iLCJyZXNwb25zZV90eXBlIjoiaWRfdG9rZW4gdG9rZW4iLCJjbGllbnRfaWQiOiJLcXBVZ0dMcEphVzVuNV9PaUFKbFNuTWlDaUlhIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL3BsYXlncm91bmQyL29hdXRoMmNsaWVudCIsInNjb3BlIjoib3BlbmlkIiwic3RhdGUiOiJhZjBpZmpzbGRraiIsIm5vbmNlIjoibi0wUzZfV3pBMk1qIiwibWF4X2FnZSI6ODY0MDAsImNsYWltcyI6eyJ1c2VyaW5mbyI6eyJnaXZlbl9uYW1lIjp7ImVzc2VudGlhbCI6dHJ1ZX19LCJpZF90b2tlbiI6eyJnaXZlbl9uYW1lIjp7ImVzc2VudGlhbCI6dHJ1ZX0sImFjciI6eyJ2YWx1ZXMiOlsidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciJdfX19fQ.riFqPq298AVlQgjEztmWRAHwyGlvVsF9x0xwPmCrpQwWebJLEjmGLnBjuZsfXGk5dczlmgEB6SKf0o3WWmMDgRMemHbxcnKvyaLxVX_PatZs72PC2kTCK71yK0qqwuGkifyK0fmHl_Uzabyz17Hfspc5B11EdEl3cPJNheFZBuKGe68q_Z8TmBdpFVm6CPpTv2HkGcNJPzO4jfvl2KYb49v0WiV4gpGHKvy8ZPyEY-cdUxvI9uSUyxValC_M4S47usY55Dr_9F3weF_Rd2d1uyNOebMnJGe-MvP2kwCVHpik-4kEHBJc4xw8TDmgS5HjB1UNiLrqOdzv0cRc-finAQ > > https://server.example.com/authorize? > response_type=code%20id_token > &client_id=s6BhdRkqt3 > &redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb > &scope=openid > &state=af0ifjsldkj > &nonce=n-0S6_WzA2Mj > &request=eyJhbGciOiJSUzI1NiIsImtpZCI6ImsyYmRjIn0.ew0KICJpc3MiOiA > iczZCaGRSa3F0MyIsDQogImF1ZCI6ICJodHRwczovL3NlcnZlci5leGFtcGxlLmN > vbSIsDQogInJlc3BvbnNlX3R5cGUiOiAiY29kZSBpZF90b2tlbiIsDQogImNsaWV > udF9pZCI6ICJzNkJoZFJrcXQzIiwNCiAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8 > vY2xpZW50LmV4YW1wbGUub3JnL2NiIiwNCiAic2NvcGUiOiAib3BlbmlkIiwNCiA > ic3RhdGUiOiAiYWYwaWZqc2xka2oiLA0KICJub25jZSI6ICJuLTBTNl9XekEyTWo > iLA0KICJtYXhfYWdlIjogODY0MDAsDQogImNsYWltcyI6IA0KICB7DQogICAidXN > lcmluZm8iOiANCiAgICB7DQogICAgICJnaXZlbl9uYW1lIjogeyJlc3NlbnRpYWw > iOiB0cnVlfSwNCiAgICAgIm5pY2tuYW1lIjogbnVsbCwNCiAgICAgImVtYWlsIjo > geyJlc3NlbnRpYWwiOiB0cnVlfSwNCiAgICAgImVtYWlsX3ZlcmlmaWVkIjogeyJ > lc3NlbnRpYWwiOiB0cnVlfSwNCiAgICAgInBpY3R1cmUiOiBudWxsDQogICAgfSw > NCiAgICJpZF90b2tlbiI6IA0KICAgIHsNCiAgICAgImdlbmRlciI6IG51bGwsDQo > gICAgICJiaXJ0aGRhdGUiOiB7ImVzc2VudGlhbCI6IHRydWV9LA0KICAgICAiYWN > yIjogeyJ2YWx1ZXMiOiBbInVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiXX0 > NCiAgICB9DQogIH0NCn0.nwwnNsk1-ZkbmnvsF6zTHm8CHERFMGQPhos-EJcaH4H > h-sMgk8ePrGhw_trPYs8KQxsn6R9Emo_wHwajyFKzuMXZFSZ3p6Mb8dkxtVyjoy2 > GIzvuJT_u7PkY2t8QU9hjBcHs68PkgjDVTrG1uRTx0GxFbuPbj96tVuj11pTnmFC > UR6IEOXKYr7iGOCRB3btfJhM0_AKQUfqKnRlrRscc8Kol-cSLWoYE9l5QqholImz > jT_cMnNIznW9E7CDyWXTsO70xnB4SkG6pXfLSjLLlxmPGiyon_-Te111V8uE83Il > zCYIb_NMXvtTIVc1jpspnTSD7xMbpL-2QgwUsAlMGzw > > From the above mail what I understand is that you have provided a plain > text value for the request parameter. But here the value of the request > parameter should be a JWT/JWS or JWE. After using a JWT if you still > observe the error please get back to us. > > Thanks, > > > > On Tue, Apr 10, 2018 at 9:37 AM, gayan gunawardana < > gmgunaward...@gmail.com> wrote: > >> Hi All, >> >> Sent below request, expecting *given_name* claim but ID Token doesn't >> have given_name claim when obtaining ID Token from Implicit grant type. >> >> *Request object * >> >> { >> "iss": "KqpUgGLpJaW5n5_OiAJlSnMiCiIa", >> "aud": "https://localhost:9444/oauth2/token", >> "response_type": "id_token token", >> "client_id": "KqpUgGLpJaW5n5_OiAJlSnMiCiIa", >> "redirect_uri": "http://localhost:8080/playground2/oauth2client", >> "scope": "openid", >> "state": "af0ifjsldkj", >> "nonce": "n-0S6_WzA2Mj", >> "max_age": 86400, >> "claims": { >> "userinfo": { >> "given_name": { >> "essential": true >> } >> }, >> "id_token": { >> "given_name": { >> "essential": true >> }, >> "acr": { >> "values": [ >> "urn:mace:incommon:iap:silver" >> ] >> } >> } >> } >> } >> >> *ID Token* >> >> { >> "at_hash": "A73K_CSStq6fs611ZzFs7A", >> "sub": "admin", >> "aud": [ >> "KqpUgGLpJaW5n5_OiAJlSnMiCiIa" >> ], >> "azp": "KqpUgGLpJaW5n5_OiAJlSnMiCiIa", >> "amr": [], >> "iss": "https://localhost:9444/oauth2/token", >> "exp": 1523335098, >> "nonce": "n-0S6_WzA2Mj", >> "iat": 1523331498, >> "sid": "e7278e7c-224b-45c2-a8e0-e5f36cb77b47" >> } >> >> >> [1] https://docs.wso2.com/display/IS550/Passing+OIDC+Authenticat >> ion+Request+Parameters+in+a+Request+Object >> [2] https://docs.wso2.com/display/IS550/Request+Object+Support >> >> Thanks, >> Gayan >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > Hasanthi Dissanayake > > Senior Software Engineer | WSO2 > > E: hasan...@wso2.com > M :0718407133| http://wso2.com <http://wso2.com/> > -- Gayan
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev