Comments (4)
The RFC is too vague on this point, needs clarification:
Each service MUST define an
oauth
serviceEndpoint. This endpoint is either the URL of the authorization server, or in case of a compound service an URI which resolves to another service. In order for the client to resolve the authorization server endpoint it MUST look up theauth
service endpoint of the service.
- does "it MUST look up the
auth
service endpoint of the service." apply to the compound endpoints? - is
auth
a typo which should've beenoauth
?
https://nuts-foundation.gitbook.io/drafts/rfc/rfc003-oauth2-authorization
from nuts-node.
maybe we should solve the service CRDT problem first, which might result in abandoning the service reference concept...
from nuts-node.
maybe we should solve the service CRDT problem first, which might result in abandoning the service reference concept...
services will be immutable, but still referenceable via URI query params. So RFC003 needs a clarification?
from nuts-node.
there's a bit more involved:
- create a bearer token => requires the oauth service id. There's support for scope <- use as bolt? Renaming to service might be better
- use vdr to resolve the service ID,
- create token
- The token is only useable at the url defined by the service ID. Now it's up to the user to use it. The service could return the URL/Service as return value next to the token.
from nuts-node.
Related Issues (20)
- Resolve DID and find authorization server metadata HOT 1
- use presentation definition endpoint to get presentation definition from other party HOT 5
- handle access token request with all correct VP validations HOT 1
- Accept interfaces, return structs
- Are we using the context package correctly? HOT 1
- check if VP, presentation submission and scope match with presentation definition
- construct VP in the correct format (check metadata)
- Support did:key HOT 2
- VCR: Harden VC/VP verifying
- Document supported protocols, VC/VP formats and DID methods HOT 1
- Support Submission Requirement feature for PE
- support access token introspection (api and internals)
- OpenID4VP: Test compatibility with Microsoft Authenticator wallet HOT 3
- Moving away from shared network state HOT 1
- Use Case List ("Registry") HOT 2
- Support RevocationStatusList202X HOT 1
- Support data exchanges without NutsAuthorizationCredentials HOT 1
- ValidDuration param ignored for BehandelaarLogin means
- Support path_nested in Presentation Exchanges HOT 1
- Validate PEX definitions and submissions against JSON schema HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nuts-node.