[
https://issues.apache.org/jira/browse/OLTU-106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13661334#comment-13661334
]
Simone Tripodi commented on OLTU-106:
-------------------------------------
I think that the basic idea is good - inheriting from existing JWT - the
implementation is less good for the following reasons:
* to build an IDToken, that extends JWT, it is required a JWT; the IDToken
token construction should not be JWT aware, since it is an extension;
* same for IDToken.Builder();
* JWTUtils is not the place where exposing getString/Long methods, since they
don't encapsulate the 3rd part dependency JSONObject - if you intend to keep
that APIs ATM, I'd suggest you to move that methods to
org.apache.oltu.oauth2.common.utils.JSONUtils...
* In order to applying inheritance, you had to change entities constructors
modifiers from private to public - not a big deal, but it would be better
keeping that objects construction via Builder only.
HTH
> Create the IDToken JWT extension from OpendIdConnect
> ----------------------------------------------------
>
> Key: OLTU-106
> URL: https://issues.apache.org/jira/browse/OLTU-106
> Project: Apache Oltu
> Issue Type: Sub-task
> Components: oidc
> Reporter: Antonio Sanso
> Attachments: OLTU-108-patch.txt
>
>
> the 2.2 section of the OpenID Connect specification. from [0] specifies the
> IDToken as an extension of a JWT.
> [0] openid.net/specs/openid-connect-basic-1_0.html
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
