-
-
Notifications
You must be signed in to change notification settings - Fork 358
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: only use allowed characters in error_description #526
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Replace LF and quotes with `.` and `'` to match allowed and recommended character set defined in various RFCs. Closes #525
aeneasr
force-pushed
the
fix-error-conformity
branch
from
November 4, 2020 10:36
8a7ecb5
to
811e5e2
Compare
aeneasr
added
corp/m3
Up for M3 at Ory Corp.
blocking
Blocks milestones or other issues or pulls.
bug
Something is not working.
labels
Nov 4, 2020
Allows all request object signing algorithms when the client has not explicitly allowed a certain algorithm. This follows the spec: > *request_object_signing_alg - OPTIONAL. JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects from this Client MUST be rejected, if not signed with this algorithm. Request Objects are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. This algorithm MUST be used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). Servers SHOULD support RS256. The value none MAY be used. The default, if omitted, is that any algorithm supported by the OP and the RP MAY be used.
Resolves failing OIDC conformity test "oidcc-request-uri-unsigned".
mitar
reviewed
Nov 4, 2020
mitar
reviewed
Nov 4, 2020
mitar
reviewed
Nov 4, 2020
mitar
reviewed
Nov 4, 2020
mitar
reviewed
Nov 4, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Replace LF and quotes with
.
and'
to match allowed and recommended character set defined in various RFCs.Closes #525
Related issue
Proposed changes
Checklist
vulnerability. If this pull request addresses a security vulnerability, I
confirm that I got green light (please contact
[email protected]) from the maintainers to push
the changes.
Further comments