Dominick Baier
Dominick Baier
wsfed does not have an equivalent feature to prompt=login. That's OIDC only.
So you are saying we should do some validation to make sure the settings make sense?
e.g. the could be an extension method for Client like `ConfigureRefreshTokens(....)` That takes all the relevant settings, does validation and sets the properties. Otherwise we can only throw an exception...
Shouldn't IsActive be called in both cases - I am not quite sure I follow. Are you saying it would be easier if pre/post validation would exist - or are...
I didn't have the time yet to think this all through. But changing the interface is a breaking change.
Sorry - we are all really busy right now. We'll get to it ASAP.
No work has been done here yet. Feel free to analyze the specs yourself.
Yes you need to change the source code. In IdSrv3 this is configurable. See here: https://github.com/IdentityServer/IdentityServer3.WsFederation/blob/master/source/WsFederationPlugin/ResponseHandling/SignInResponseGenerator.cs#L171 The signature algorithm gets configured on the signing credentials - in v2 this would...
that's a good idea. We don't have the resource right now to implement that. But I will add this as a todo.
Feel free to start PR where we can discuss the changes you want to make.