identity 1.0 documentation

TODO/TBD

«  Active Directory & Connect   ::   Contents   ::   Resource  »

TODO/TBD

My Issue

OP Initiated Assertion

Token Forwarding

Disconnected

  • メディア企業、ビジネス、 社会基盤で興味の主眼が違う
images/domains.jpg
  • スペックコンポーネント化

    • Authorization Workflow (OAuth2)
    • Identity Assertion / Session (ID Token)
    • Attributes (UserInfo ....)
    • Request Extension ( Request Object )
    • Service ( API ,Schema , Tokens )
    • Discovery / Association / Registration
    • Security (JWT, JOSE)
    • Policy and Access Controll ( Account Linking, Policy Expression, Proxy, Delegation )
    • Smart Application and Browser

TODO

Todo

accounts is not properly implemented for negative responses.

(The original entry is located in /Users/hide/ve/docs/src/hdknr.github.com/src/identity/source/basic.rst, line 143.)

Todo

Sample of

  • invalid for requested resoure
  • malformed ID Token
  • incorrect format
  • expired

(The original entry is located in source/basic/3_3_3.rst, line 11.)

Todo

When is the id used for backwards compatibility.

(The original entry is located in source/basic/4_1.rst, line 27.)

Todo

Check RFC 5646 and BCP47.

(The original entry is located in source/basic/4_2.rst, line 13.)

Todo

June 19, 2012, Draft 21 is the latest ( http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-21 )

(The original entry is located in /Users/hide/ve/docs/src/hdknr.github.com/src/identity/source/bearer.rst, line 8.)

Todo

Check the RFC 5322 ( Internet Message Format )

(The original entry is located in source/discovery/2.1.2.rst, line 10.)

Todo

  • ECDSA must be implemented

(The original entry is located in /Users/hide/ve/docs/src/hdknr.github.com/src/identity/source/impl_jws.rst, line 7.)

Todo

pem_x509 can be None for session wise certificate negotiation. There should be the other utility which fetch and validate the certficate based on header decoded from jws_token .

(The original entry is located in source/python/jws_verify_token.rst, line 22.)

Todo

Find to load PEM private key secured with pass phrase.

(The original entry is located in source/csharp/rsa_sign.rst, line 15.)

Todo

keyEncipherment seems to be abrupt here. X.509 Key Usage for Connect should be described somewhere.

(The original entry is located in source/messages/4_2.rst, line 36.)

Todo

Signature validation error should be looked at JSON Web Signature (JWS).

(The original entry is located in source/messages/5_1_2.rst, line 16.)

Todo

Check error response... JW*? Connect bindings?

(The original entry is located in source/messages/5_1_3.rst, line 54.)

Todo

Check later....

(The original entry is located in source/reg/5.rst, line 12.)

Todo

Now Draft 05

(The original entry is located in /Users/hide/ve/docs/src/hdknr.github.com/src/identity/source/session.rst, line 8.)

«  Active Directory & Connect   ::   Contents   ::   Resource  »