From 4150131276f4e03287bc4e2d7008cb4877a83549 Mon Sep 17 00:00:00 2001 From: Ted Thibodeau Jr Date: Mon, 12 Aug 2019 11:16:22 -0400 Subject: [PATCH] change explanatory text to match code it explains as [previously flagged](https://github.com/solid/webid-oidc-spec/pull/27#discussion_r310652706) --- application-user-workflow.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application-user-workflow.md b/application-user-workflow.md index 9acad06..fe7f463 100755 --- a/application-user-workflow.md +++ b/application-user-workflow.md @@ -331,7 +331,7 @@ GET https://secureauth.example/authorize?scope=openid&client_id=7243fd594bdcf9c7 That URL might look a little complex, but it's essentially a request to `https://secureauth.example/authorize` with the following URL parameters: - - `scope=openid`: a list of [OIDC scopes](https://auth0.com/docs/scopes/current/oidc-scopes) (attributes of the RS to which this token should have access). `open_id` is a scope that is needed to verify Alice's identity. + - `scope=openid`: a list of [OIDC scopes](https://auth0.com/docs/scopes/current/oidc-scopes) (attributes of the RS to which this token should have access). `openid` is a scope that is needed to verify Alice's identity. - `client_id=7243fd594bdcf9c71a9b902274afaa30`: indicates the id of the client. The value for this field should be obtained in the registration phase. - `response_type=id_token%20token` indicates the desired response data. Note that you cannot use response types that were not previously indicated during registration. - `request=eyJhbGciOiJub25lIn0.eyJyZWRpc...`: A JWT containing the public key of the client and signed by the client using the private key. This is unique to WebID-OIDC. We will eventually use this to generate our pop-token. @@ -491,4 +491,4 @@ With OP public keys obtained, the RS can confirm if the id_token was signed by t #### 10. Returns Result -Given all went well, the RS should return the requested content. \ No newline at end of file +Given all went well, the RS should return the requested content.