OpenID Connect delegation with Google now that they are deprecating their OpenID2 provider?

OpenID Connect only supports Discovery that is meant to find your Provider based on some hint you give it (e-mail, account, URL, domain etc.); it won’t give you a persistent identifier for which you can delegate authentication to a configurable Provider of your choice. So if you only want to use a custom URI to …

keycloak – CODE_TO_TOKEN_ERROR after user is authenticated

I’ve found the solution. It seems that if you follow this guide: https://www.ibm.com/developerworks/library/se-oauthjavapt3/index.html you will see that when you exchange the access code for the access token (/realms/{realm-name}/protocol/openid-connect/token) you need to add the same redirect_uri that you used when requesting the access code. It works for me now. Hope it helps, Adrian

How to get Uri.EscapeDataString to comply with RFC 3986

Having not been able to get Uri.EscapeDataString to take on RFC 3986 behavior, I wrote my own RFC 3986 compliant escaping method. It leverages Uri.EscapeDataString, and then ‘upgrades’ the escaping to RFC 3986 compliance. /// <summary> /// The set of characters that are unreserved in RFC 2396 but are NOT unreserved in RFC 3986. /// …

How to use OpenID in RESTful API?

I’ve now spent some time researching the options and would like to summarize the findings. First, a little bit more context — I develop and control both the service and the API consumer. The consumer is a Flash-based app that is served from the same host the API is now and is supposed to be used in the browser. …

What should I pass for the WWW-Authenticate header on 401s if I’m only using OpenID?

According to RFC 2617 the auth-scheme can be anything; if you really want a 401 you’re not technically breaking spec by making something up like WWW-Authenticate: OpenID realm="My Realm" location="http://my/login/location". Having said that, behaviour of other people’s code when you do that is of course undefined. 🙂

OAuth 2 access_token vs OpenId Connect id_token

Originally, OAuth and OpenId were designed for different purposes: OpenId for authentication and OAuth for authorization. OpenId Connect is a unification of the two and serves for both, but does not change their original functionalities. Keeping that in mind, you should be able to find out yourself. 😉 The id_token is used to identify the …