This repository has been archived by the owner on Sep 1, 2020. It is now read-only.

OP-Req-max_age=10000 #186

Open
DecorteHannes opened this issue Sep 12, 2019 · 2 comments

@DecorteHannes

Hello,

We fail the test "OP-Req-max_age=10000" because the auth_time for both flows is not the same.

  1. Due to security restrictions of the authentication method used (we have no influence on that), users need to authenticate every time a flow is performed to get a token. So there is no concept of session on the authentication provider. So the auth_time will never be the same.
  2. As we read the specifications the max-age does not require the auth_time to be the same, it requires that the auth_time is not too long ago (10.000 seconds in this case). So the test seems to be "wrong" = Wrong in our case when there is no session on the authentication provider.

This results in the fact that we cannot pass certification.

Any thoughts or comments?

Regards
Hannes
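
The reading of max_age given in the comment above, written as a relying-party check (an added example, not code from this issue or from the certification test suite): the ID Token must carry auth_time, and the authentication must not be older than max_age. The function name, the clock-skew allowance and the sample claims are assumptions constructed for illustration.

```python
import time

class AuthTimeError(ValueError):
    """Raised when an ID Token does not satisfy the max_age request."""

def check_auth_time(claims, max_age, now=None, skew=30):
    """RP-side check for an authentication request that carried max_age.

    claims  : decoded, already signature-verified ID Token claims (dict)
    max_age : value sent in the authentication request, in seconds
    skew    : assumed clock-skew allowance in seconds (not from the spec)
    Returns the age of the authentication in seconds.
    """
    now = int(time.time()) if now is None else now
    auth_time = claims.get("auth_time")
    # When max_age is requested, the ID Token must include auth_time.
    if auth_time is None:
        raise AuthTimeError("auth_time missing although max_age was requested")
    # auth_time is a JSON number; bool is an int subclass in Python, so reject it.
    if isinstance(auth_time, bool) or not isinstance(auth_time, (int, float)):
        raise AuthTimeError("auth_time must be a number (seconds since epoch)")
    if auth_time > now + skew:
        raise AuthTimeError("auth_time lies in the future")
    age = now - auth_time
    if age > max_age + skew:
        raise AuthTimeError(f"authentication is {age}s old, max_age is {max_age}s")
    return age

# Constructed sample claims: two flows against an OP that keeps no session,
# so every flow re-authenticates and carries its own auth_time.
NOW = 1568280000
FIRST_FLOW = {"sub": "user-1", "auth_time": NOW - 120}
SECOND_FLOW = {"sub": "user-1", "auth_time": NOW - 5}
STALE = {"sub": "user-1", "auth_time": NOW - 10_500}

if __name__ == "__main__":
    for name, c in [("first", FIRST_FLOW), ("second", SECOND_FLOW), ("stale", STALE)]:
        try:
            print(name, "ok, age", check_auth_time(c, 10000, now=NOW))
        except AuthTimeError as e:
            print(name, "rejected:", e)
```

Both constructed flows pass with different auth_time values; only the token whose authentication is older than max_age is rejected.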

@zandbelt

see #184

@DecorteHannes
Author

@zandbelt: Thanks. Searched for open issue but did not find it.
