gudmundurjon
commented
4 years ago Styðja bæði pre-step og integration sjá (03. Implementation Guidelines V1.3.4_20190705.pdf, kafli 4.3)
Closed gudmundurjon closed 4 years ago
gudmundurjon
commented
4 years ago Styðja bæði pre-step og integration sjá (03. Implementation Guidelines V1.3.4_20190705.pdf, kafli 4.3)
gislikonrad
commented
4 years ago Hægt væri að búa til short-lived token með amr claim value "user", eins og fjallað er um hjá ietf.
Þjónustan gæti assertað þessu claimi og séð þá að það er búið að framkvæma sca. Hægt er svo að invalidate'a tokenið eftir að aðgerðin er framkvæmt.
gudmundurjon
commented
4 years ago Gætirðu líst í skrefum nákvæmlega hvernig þetta væri mögulegt?
gislikonrad
commented
4 years ago Eigum við kannski að enduropna þetta issue, þá? Annars finnst manni það frekar tilgangslaust...
The XS2A API will allow an ASPSP to implement OAuth2 as a support for the authorization of the PSU towards the TPP for the payment initiation and/or account information service. In this case, the TPP will be the client, the PSU the resource owner and the ASPSP will be the resource server in the abstract OAuth2 model.
This specification supports two ways of integrating OAuth2. The first support is an authentication of a PSU in a pre-step, translating this authentication into an access token to be used at the XS2A interface afterward. This usage of OAuth2 will be referred to in this specification as "if OAuth2 has been used as PSU authentication". Further details shall be defined in the documentation of the ASPSP of this XS2A interface.
The second option to integrate OAuth2 is integration as an OAuth2 SCA Approach to be used for authorization of payment initiations and consents. In both services, PIS and AIS, OAuth2 will in this option be used in an integrated way, by using the following steps: [...]