support additional response_types
Opened this issue · 1 comments
dmfs commented
In order to support OpenID Connect it needs to be checked to which extend we need to support other response_type
s and response_mode
s and how these could be implemented (using as much of the existing code as possible).
Some open questions are:
- If the auth code token response also contains an
id_token
, why would I want to request it withrequest_type=code id_token
? - Likewise, why would I want to send a
request_type=code token id_token
? - If there are valid use cases for the two points above (which are not covered by
request_type=code
, how can we tellAuthorizationCodeGrant
to use the fragment rather than the query part of the redirect URL? Do we need anotherHybridGrant
for that? - How to tell an
ImplicitGrant
to also request theid_token
type? - (How) Do we support
ImplictGrant
with only aid_token
and notoken
? Maybe as a newImplicitIdTokenGrant
?
dmfs commented
This is an interesting read which explains why these types are needed: https://medium.com/@robert.broeckelmann/understanding-openid-connect-series-37c93d25e92b