oauth-play issueshttps://scm.uninett.no/asm/oauth-play/-/issues2019-01-29T13:19:32+01:00https://scm.uninett.no/asm/oauth-play/-/issues/1nonce required for oidc implicit flow2019-01-29T13:19:32+01:00Jon Kåre Hellannonce required for oidc implicit flowAccording to the spec for OIDC implicit flow - https://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthRequest - 'nonce' is required. Authengine now enforces this, and oauth-play has to be updated.
We now get
```
{
"error...According to the spec for OIDC implicit flow - https://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthRequest - 'nonce' is required. Authengine now enforces this, and oauth-play has to be updated.
We now get
```
{
"error": "invalid_request",
"error_description": "Nonce is required when requesting id_token from authorization endpoint",
"error_uri": "https://docs.dataporten.no"
}
```