-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error Formatting with OpenID/OAuth 2.0 Standards #172
Comments
Whenever OIDC and OAuth2 are used in CAMARA the error responses MUST follow the respective OIDF and IETF standard. Since this issue is recurring, it looks that Section 6 of API Design Guidelines needs to be updated. |
Please also refer to #129 (comment) OIDC and OAuth2 have their own error formats and within CAMARA, Service APIs are defined whose error format is defined in Commonalities Design Guidelines, so as it has not to be the same as defined for OpenID/OAuth 2.0 |
Which working group is responsible for this? |
If the CAMARA standard is to be adopted by others, it should be defined in the same manner as OpenID/OAuth 2.0 to ensure consistency and simplify integration. |
To be indicated in PR #213 |
Problem Description:
The current error formatting structure in the camera project diverges from the established standards of OpenID/OAuth 2.0. Although it includes fields like
status
,code
, andmessage
, as outlined in the providedErrorInfo
, it lacks key components such aserror
,error_description
, and optionallyerror_uri
, which are vital for effective error handling according to OpenID/OAuth 2.0 standards.Here is the existing
ErrorInfo
structure:Expected Behavior:
To ensure compliance with OpenID/OAuth 2.0 standards, the error formatting for the camera project should include the following fields:
error
: Represents the error code or identifier.error_description
(optional): Provides a human-readable explanation of the error.error_uri
(optional): Includes a URI that offers additional information about the error.Alternative Solution:
Alternatively, to align with OpenID/OAuth 2.0 standards, the camera project's error formatting can be updated as follows:
Additional Context:
These suggested modifications closely adhere to the specifications outlined in the OpenID/OAuth 2.0 standard. For further clarity, please refer to the documentation provided in RFC 6749 - The OAuth 2.0 Authorization Framework, Section 4.1.2.1.
The text was updated successfully, but these errors were encountered: