ignisvulpis

   if (window.openid) { don't show the nascar }


   window.openid.getPreferredOpenidProvider(callback);

    var parameters = {};
    parameters.response_type="id_token";
    parameters.client_id="https://server.example.com/seminar/callback.html";
    parameters.request = "eyJhbGciOiJSUzI1NiIsIng1dSI6Imh0dHBzOlwvXC9nYWJ1bm9taS5uZXRcL3NlbWluYXJcL3JzYV9wdWJsaWNfa2V5LnBlbSJ9.ewoJInJlc3BvbnNlX3R5cGUiOiAiaWRfdG9rZW4iLAoJInNjb3BlIjogIm9wZW5pZCIsCgkiY2xpZW50X2lkIjogImh0dHBzOi8vZ2FidW5vbWkubmV0L3NlbWluYXIvY2FsbGJhY2suaHRtbCIsCgkicG9saWN5X3VybCI6ICJodHRwczovL2dhYnVub21pLm5ldC9zZW1pbmFyL3BvbGljeS5odG1sIiwKCSJ1c2VyaW5mbyI6IHsKCQkiY2xhaW1zIjogewoJCQkibmFtZSI6IG51bGwsCgkJCSJlbWFpbCI6IG51bGwsCgkJCSJwaWN0dXJlIjogbnVsbAoJCX0KCX0sCgkicmVnaXN0cmF0aW9uIjogewoJCSJhcHBsaWNhdGlvbl9uYW1lIjogIlNhbXBsZSBTZW1pbmFyIiwKCQkibG9nb191cmwiOiAiaHR0cHM6Ly9nYWJ1bm9taS5uZXQvc2VtaW5hci9sb2dvLnBuZyIsCgkJIng1MDlfdXJsIjogImh0dHBzOi8vZ2FidW5vbWkubmV0L3NlbWluYXIvcnNhX3B1YmxpY19rZXkucGVtIgoJfQp9Cg.Faytuhwb2W4CWVz2-10umSieh-bqR7QXqU0bNF39u_D0mGoBD4e3X2b4jZNqPvPADSnQhlBGSJu189iFM5bwFzchnO-quCpj7T2CK_-wkrpL5LUn_WHYMmYlFadmb-a1p-TEo7exU9azMS9cT70-kHNqmTaJziZyiAMoJ0Q4TtyTt1Xbkknc_CQRug3ilNv3bEXSlOlva3HUOY7jQIbYMB3jDL3QxS1wbVYNAjOxCxCDmiNAUJA-BkYe6Tpyj-DUs57IM4wQSp64sqim8RqirJJfFb4bCbNTkC3G8sYfN2_1-qEDpOnWW7N3gjl174TWHbnzVLAZGg_rZm58-wHOLw";
    parameters.state="509b9cafd3119";
    parameters.nonce="509b9cafd34fd";

    window.openid.connect(parameters, oc_callback);

oc_callback
function oc_callback(resp) {
  // resp contains a signed then encrypted id_token in jw-* format
  // https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption
  // https://tools.ietf.org/html/draft-ietf-jose-json-web-signature
  // state and nonce are inside the resp parameter too
  // need a private key to decrypt it so forward it to my own validation endpoint
  $.post("validate.php", { resp: resp },
   function(id_token) {
     alert("returned id_token: " + id_token);
   }); 
}

 openssl ec -in key1.pem -text
read EC key
Private-Key: (256 bit)
priv:
    07:2f:23:22:c0:e7:5e:0c:85:17:64:b4:21:81:99:
    67:78:fd:22:59:2f:87:e5:d4:38:36:09:74:29:a1:
    c3:fc
pub:
    04:ed:3c:83:1b:f3:e1:05:9f:12:07:7f:4b:e4:fd:
    fe:90:55:73:d1:c6:76:45:b4:7d:48:64:ea:17:9d:
    de:99:86:a9:a6:ad:34:27:4a:80:fc:94:b3:a5:ef:
    6c:6e:78:2c:22:7a:39:63:a6:a4:26:50:97:6d:a6:
    ad:e9:90:a1:61
ASN1 OID: prime256v1
writing EC key
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIAcvIyLA514MhRdktCGBmWd4/SJZL4fl1Dg2CXQpocP8oAoGCCqGSM49
AwEHoUQDQgAE7TyDG/PhBZ8SB39L5P3+kFVz0cZ2RbR9SGTqF53emYappq00J0qA
/JSzpe9sbngsIno5Y6akJlCXbaat6ZChYQ==
-----END EC PRIVATE KEY-----

  static final String ec256_a_priv = "072f2322c0e75e0c851764b42181996778fd22592f87e5d43836097429a1c3fc";
  static final String ec256_b_priv = "1a3eda89dc067871530601f934c6428574f837507c578e45bd10a29b2e019bfb";

  ASN1ObjectIdentifier oid = ECUtil.getNamedCurveOid("secp256r1");
  X9ECParameters x9ECParameters = ECUtil.getNamedCurveByOid(oid);
  byte[] ec256_a_priv_bytes = Hex.decode(ec256_a_priv);
  ec256_a_D = new BigInteger(1, ec256_a_priv_bytes);
  ECPoint pub = x9ECParameters.getG().multiply(ec256_a_D);
  ec256_a_X = pub.getX().toBigInteger();
  ec256_a_Y = pub.getY().toBigInteger();

{"alg":"ECDH-ES",
"enc":"A256GCM",
"iv":"__79_Pv6-fg",
"crv":"secp256r1",
"x":"AO08gxvz4QWfEgd_S-T9_pBVc9HGdkW0fUhk6hed3pmG",
"y":"AKmmrTQnSoD8lLOl72xueCwiejljpqQmUJdtpq3pkKFh"}

eyJhbGciOiJFQ0RILUVTIiwNCiJlbmMiOiJBMjU2R0NNIiwNCiJpdiI6Il9fNzlfUHY2LWZnIiwNCiJjcnYiOiJzZWNwMjU2cjEiLA0KIngiOiJBTzA4Z3h2ejRRV2ZFZ2RfUy1UOV9wQlZjOUhHZGtXMGZVaGs2aGVkM3BtRyIsDQoieSI6IkFLbW1yVFFuU29EOGxMT2w3Mnh1ZUN3aWVqbGpwcVFtVUpkdHBxM3BrS0ZoIn0
  ECDHBasicAgreement ecdhBasicAgreement = new ECDHBasicAgreement();
  ecdhBasicAgreement.init(ecPrivateKeyParameters);
  BigInteger z = ecdhBasicAgreement.calculateAgreement(ecPublicKeyParameters);
  byte[] zBytes = BigIntegers.asUnsignedByteArray(z);
  KDFConcatGenerator kdfConcatGenerator = new KDFConcatGenerator(kdfDigest);
  kdfConcatGenerator.init(new KDFParameters(zBytes, null));
  byte[] out = new byte[12 + (keylength / 8)];
  kdfConcatGenerator.generateBytes(out, 0, out.length);
  byte[] secretKeyBytes = new byte[keylength / 8];
  byte[] ivBytes = new byte[12];
  System.arraycopy(out, 0, ivBytes, 0, 12);
  System.arraycopy(out, 12, secretKeyBytes, 0, secretKeyBytes.length);

ECDH-ES contentEncryptionKey=Y8-fcu11np1l3qlgpGq0XF58Cv2n4DOJ8lkdl2gRXgI
ECDH-ES jwtSymmetricKeySegment base64: _vZ-N5fs3_uJ9o-woDOzKZBQopZRi4EfZVNB4UWqdCjappfoOFCZPTUBDruWAtWY
ECDH-ES jwtCryptoSegment base64: psSi2xa7oY1pmK1m9GGXREr9YB6QUdOtK_Jl_nnKYpmKGHL577tUdadK8H_yacb78bBlyTnrTx51pmxyo6UJMM9c_P-lOfMiMslvS-3t1vD5HiOq0Rg

 
https://connect-op.heroku.com/.well-known/openid-configuration
 
{
  "version":"3.0",
  "issuer":"https://connect-op.heroku.com",
  "authorization_endpoint":"https://connect-op.heroku.com/authorizations/new",
  "token_endpoint":"https://connect-op.heroku.com/access_tokens",
  "userinfo_endpoint":"https://connect-op.heroku.com/user_info",
  "check_id_endpoint":"https://connect-op.heroku.com/id_token",
  "registration_endpoint":"https://connect-op.heroku.com/connect/client",
  "scopes_supported":[
    "openid",
    "profile",
    "email",
    "address",
    "PPID"
  ],
  "response_types_supported":[
    "code",
    "token",
    "id_token",
    "code token",
    "code id_token",
    "id_token token"
  ],
  "user_id_types_supported":[
    "public",
    "pairwise"
  ],
  "x509_url":"https://connect-op.heroku.com/cert.pem"
}
https://openidconnect.info/.well-known/openid-configuration
 
{
  "version":"3.0",
  "issuer":"https://openidconnect.info/",
  "authorization_endpoint":"https://openidconnect.info/connect/authorize",
  "token_endpoint":"https://openidconnect.info/connect/token",
  "user_info_endpoint":"https://openidconnect.info/connect/userinfo",
  "check_id_endpoint":"https://openidconnect.info/connect/check_session",
  "registration_endpoint":"https://openidconnect.info/connect/register",
  "scopes_supported":[
    "openid",
    "profile",
    "email",
    "address",
    "PPID"
  ],
  "flows_supported":[
    "code",
    "token",
    "code id_token",
    "token id_token"
  ],
  "identifiers_supported":[
    "public",
    "ppid"
  ]
}
https://connect.openid4.us/.well-known/openid-configuration


{
  "version":"3.0",
  "issuer":"https:\/\/connect.openid4.us",
  "authorization_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/auth",
  "token_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/token",
  "userinfo_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/userinfo",
  "check_id_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/check_id",
  "refresh_session_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/refreshsession",
  "end_session_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/endsession",
  "jwk_url":"https:\/\/connect.openid4.us\/connect4us.jwk",
  "jwk_encryption_url":"https:\/\/connect.openid4.us\/connect4us.jwk",
  "x509_url":"https:\/\/connect.openid4.us\/connect4us.pem",
  "x509_encryption_url":"https:\/\/connect.openid4.us\/connect4us.pem",
  "registration_endpoint":"https:\/\/connect.openid4.us\/abop\/op.php\/registration",
  "scopes_supported":[
    "openid",
    "profile",
    "email",
    "address"
  ],
  "response_types_supported":[
    "code",
    "token",
    "id_token"
  ],
  "acrs_supported":[
    "http:\/\/www.idmanagement.gov\/schema\/2009\/05\/icam\/openid-trust-level1.pdf"
  ],
  "user_id_types_supported":[
    "public",
    "pairwise"
  ],
  "userinfo_algs_supported":[
    "HS256",
    "RS256",
    "A128CBC",
    "A256CBC",
    "A128KW",
    "RSA1_5"
  ],
  "id_token_algs_supported":[
    "HS256",
    "RS256",
    "A128CBC",
    "A256CBC",
    "A128KW",
    "RSA1_5"
  ],
  "request_object_algs_supported":[
    "HS256",
    "RS256",
    "A128CBC",
    "A256CBC",
    "A128KW",
    "RSA1_5"
  ],
  "token_endpoint_auth_types_supported":[
    "client_secret_post",
    "client_secret_basic",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_algs_supported":[
    "HS256",
    "RS256"
  ]
}
 Happy testing!
 

window.openid.getPreferredOpenidProvider(callback);
if (window.openid) { don't show the nascar }
{"iss":"joe",
 "exp":1300819380,
 "http://example.com/is_root":true}
{"typ":"JWT",
 "alg":"RE256",
 "x5t":"b9E8JDWjYefFiM0X9V9a098Bd6ZsFyemogCEX016uIw"}

{
  "CardId": "urn:GUID:6d6693c1-6b1a-df11-b009-00143851d232",
  "IssuerName": "stsip.systestv2.bceid.ca",
  "MimeType": "image/jpeg",
  "lang": "en-us",
  "TokenServiceList": [
    {
      "UserCredential": {
        "Type": "UserNamePasswordAuthenticate",
        "Username": "SBCEID\\pwiebe10i"
      },
      "Address": "https://stsip.systestv2.bceid.ca/adfs/services/trust/mex"
    },
    {
      "UserCredential": {
        "Type": "UserNamePasswordAuthenticate",
        "Username": "SBCEID\\pwiebe10i"
      },
      "Address": "https://stsip.systestv2.bceid.ca/adfs/services/trust/mex"
    }
  ],
  "SupportedTokenTypeList": ["http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"],
  "Issuer": "http://stsip.systestv2.bceid.ca/adfs/services/trust",
  "CardVersion": 4,
  "SupportedClaimTypeList": [
    {
      "Description": "Level of Assurance achieved according to the rules of the ICAM IMI 1.0 profile located at http://www.idmanagement.gov/",
      "Uri": "http://idmanagement.gov/icam/2009/09/imi_1.0_profile#assurancelevel1",
      "DisplayTag": "ICAM Assurance Level 1"
    },
    {
      "Uri": "http://www.cio.gov.bc.ca/standards/claims/2009/11/useridentifier",
      "DisplayTag": "User Identifier"
    },
    {
      "Uri": "http://www.ocio.gov.bc.ca/standards/claims/2009/06/userdisplayname",
      "DisplayTag": "User Display Name"
    },
    {
      "Uri": "http://www.ocio.gov.bc.ca/standards/claims/2009/09/identityassurancelevel",
      "DisplayTag": "Identity Assurance Level"
    },
    {
      "Uri": "http://www.ocio.gov.bc.ca/standards/claims/2009/09/authoritativepartyidentifier",
      "DisplayTag": "AP Identifier"
    },
    {
      "Uri": "http://www.ocio.gov.bc.ca/standards/claims/2009/09/authoritativepartyname",
      "DisplayTag": "AP Name"
    },
    {
      "Uri": "http://www.cio.gov.bc.ca/standards/claims/2009/09/identityassurancelevel1",
      "DisplayTag": "Identity Assurance Level 1"
    },
    {
      "Description": "The e-mail address of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
      "DisplayTag": "E-Mail Address"
    },
    {
      "Description": "The given name of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
      "DisplayTag": "Given Name"
    },
    {
      "Description": "The unique name of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
      "DisplayTag": "Name"
    },
    {
      "Description": "The user principal name (UPN) of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
      "DisplayTag": "UPN"
    },
    {
      "Description": "The surname of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
      "DisplayTag": "Surname"
    },
    {
      "Description": "The private identifier of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier",
      "DisplayTag": "PPID"
    },
    {
      "Description": "The SAML name identifier of the user",
      "Uri": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
      "DisplayTag": "Name ID"
    },
    {
      "Description": "Used to display the time and date that the user was authenticated",
      "Uri": "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant",
      "DisplayTag": "Authentication time stamp"
    },
    {
      "Description": "The method used to authenticate the user",
      "Uri": "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod",
      "DisplayTag": "Authentication method"
    }
  ],
  "CardName": "BCeID Information Card",
  "TimeIssued": "2010-04-15T17:52:07.341Z",
  "RequireAppliesTo": false,
  "CardType": "urn:GUID:6d6693c1-6b1a-df11-b009-00143851d232",
  "CardImage": "/9j/4AAQSkZJRgABAQEAeAB4AAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCABQAHgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD340ZNBrg/FXxAGi301lbwGR4xhmCbhn9Py9qyrVoUo80jCviKdCPNUZr6l470TSbyO3u7pU3MFLZ+7k8Ej05/LtXS5NfJevXkuu+IYYVLLNczqiBjlRuIA+vNfV0TCOOOKSRTKFAPbJx6V6eNo0aMKc6cr8yv+VgoVXVTfQmzzS00dadXCbhRRRQAUUUUAFFFFABRRRQAUUUUAIa8M+KETWfiK6dJAY5grt3KsVHavUPGt5qNpoyf2asxkklCO0Kksq4PTHI7c15Le6ZqF4GMunXjseu6Fjn615ePqybVJU2+t+x4ebVZyaoxpuWzvY4a9037T5FyksiyqAYmVsFT1GD14Ne0atf3cNtAoupWEYWNsvlnKjBJPUnIJz6159ZeBL3U9UWNoZtPjQeYZ5YyNuCMbR3OSK7PUtGkWKNGv5ZCjeY5cAGRvUgdMnsK4uIs0hiaVCglyOG617K35M+m4YgneVSLW1rnqWmztc6ZaTuctJErMfUkc1brmvB+sRX1gLHyWims0VSC24MPUH+ldLXt4erGrSjOLumZ4ilKlVlCSsFFFFbGIUUUUAFFFFABRRRQAUUUUAIaMGlooAq3lhbX8apdRCRVOQCSMH8Konwvox62EZ/4E3+NTeIbuaw8NareW7BZ7ezlljYjOGVCQcH3Fckb3xJD4Eh8SQ6yJ5ltRdS29xbx+WwxkgFQCOPc0KipatIOdx2OxsNHsNMd3s7WOFnGGK55FXq5mbxlaWfgm38R3cbIs0SssCn5mdhwo/H9OaksbLXtStkutT1J7F5BuFpZon7oHszsCSfXGBTUOVdhOV2dFRXO2tvruneI4YpdQkv9JnifJliUPDIMEZZQMgjNblzdQ2kXmTyBF6c9z7UpNRV2xq7JqKy21RLiYWQFxazTITHIVXI9wDn9RXO+DtR1nVNc1uG/1RpYNNujBHGsMa+YPm5Yhc+nTFKnKNRNxewSTi0mdtRXBrea9cfEW60D+3JIrOO0F0rJbRb+SBtyVIxyea1NUj8T6Rave2F/HqixDc9rcwqjuo67WQAZ+orTk1tcnmOoorJ8N+ILTxNo0WpWmVVsq8bdY3HVTWtUtNOzKTuFFFFIAooooAxPGL+X4K1w4zmxmH5oR/WuQt/Dmr6x8OdNjttZYobSN/sckSiOUAZCFlw2O3Wu18S6dc6v4cv9OtHiSa5iMQaXO0A8Hp7ZrH0nSvFGm+HYNIE+lqYYvKW6BdmA6A7MAEj61rCVo/MiSuzgte8QLrnhPwvqL2q21raamsN1Cg+RCoGMe23P8q9pBBAIOQa5uy8EaVbeEW8OzK09vJlpZG4ZnPO/2PTH0pmlaf4k0G3SxSa01SziG2F53aGZV7AkBg2PXinNxkrLoKKa3OnZgqkngCuXtGutY1GW+SONo4iUh8xvlT3wOpqePTdZ1DWYrzVJbaG0gRxFaWzM5LsNu5mIGcAnAA707TtM1XTlkt4prfyWbIdgSw/CvMxcJOcFq49bdzqoySjJ9S/aaUIrs3lxKZ7kjAYjAUegFct4B/5GHxh/2Ej/AFrshHNBZlIWE0wBKmZiAze5AOB9BXMeFvD2taJrGq3V3JYSw6lcGdxE7hozzwMrz1HpXZQhGFNpaXMZtykmVLT/AJLVf/8AYJX/ANDWu5JAUk8Ada4dvDviaPxvJ4kgfS/ngFu1s0kmCnB+9t65HpWvf2Gv6zbNZz3Fpp1tKNsrWrNLKynqAzBQufXBraVnbUhXVznPhKh+x67PGCLSXUHMPoQPT9K9FqnpemWmjabDYWMQit4Vwqj+Z9SauVE5c0myoqysFFFFSMKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//Z"
}

Parameter Name	Value
n	[161, 248, 22, 10, 226, 227, 201, 180, 101, 206, 141, 45, 101, 98, 99, 54, 43, 146, 125, 190, 41, 225, 240, 36, 119, 252, 22, 37, 204, 144, 161, 54, 227, 139, 217, 52, 151, 197, 182, 234, 99, 221, 119, 17, 230, 124, 116, 41, 249, 86, 176, 251, 138, 143, 8, 154, 220, 75, 105, 137, 60, 193, 51, 63, 83, 237, 208, 25, 184, 119, 132, 37, 47, 236, 145, 79, 228, 133, 119, 105, 89, 75, 234, 66, 128, 211, 44, 15, 85, 191, 98, 148, 79, 19, 3, 150, 188, 110, 155, 223, 110, 189, 210, 189, 163, 103, 142, 236, 160, 198, 104, 247, 1, 179, 141, 191, 251, 56, 200, 52, 44, 226, 254, 109, 39, 250, 222, 74, 90, 72, 116, 151, 157, 212, 185, 207, 154, 222, 196, 199, 91, 5, 133, 44, 44, 15, 94, 248, 165, 193, 117, 3, 146, 249, 68, 232, 237, 100, 193, 16, 198, 182, 71, 96, 154, 164, 120, 58, 235, 156, 108, 154, 215, 85, 49, 48, 80, 99, 139, 131, 102, 92, 111, 111, 122, 130, 163, 150, 112, 42, 31, 100, 27, 130, 211, 235, 242, 57, 34, 25, 73, 31, 182, 134, 135, 44, 87, 22, 245, 10, 248, 53, 141, 154, 139, 157, 23, 195, 64, 114, 143, 127, 135, 216, 154, 24, 216, 252, 171, 103, 173, 132, 89, 12, 46, 207, 117, 147, 57, 54, 60, 7, 3, 77, 111, 96, 111, 158, 33, 224, 84, 86, 202, 229, 233, 161]
e	[1, 0, 1]
d	[18, 174, 113, 164, 105, 205, 10, 43, 195, 126, 82, 108, 69, 0, 87, 31, 29, 97, 117, 29, 100, 233, 73, 112, 123, 98, 89, 15, 157, 11, 165, 124, 150, 60, 64, 30, 63, 207, 47, 44, 211, 189, 236, 136, 229, 3, 191, 198, 67, 155, 11, 40, 200, 47, 125, 55, 151, 103, 31, 82, 19, 238, 216, 193, 90, 37, 216, 213, 206, 160, 2, 94, 227, 171, 46, 139, 127, 121, 33, 111, 198, 59, 234, 86, 39, 83, 180, 6, 68, 198, 161, 81, 39, 217, 178, 149, 69, 64, 160, 187, 225, 163, 5, 86, 152, 45, 78, 159, 222, 95, 100, 37, 241, 77, 75, 113, 52, 65, 181, 93, 199, 59, 155, 74, 237, 204, 146, 172, 227, 146, 126, 55, 245, 125, 12, 253, 94, 117, 129, 250, 81, 44, 143, 73, 97, 169, 235, 11, 128, 248, 168, 7, 70, 114, 138, 85, 255, 70, 71, 31, 52, 37, 6, 59, 157, 83, 100, 47, 94, 222, 30, 132, 214, 19, 8, 26, 250, 92, 34, 208, 81, 40, 91, 214, 59, 148, 59, 86, 93, 137, 138, 5, 104, 84, 19, 229, 60, 60, 108, 101, 37, 255, 31, 227, 78, 61, 220, 112, 240, 213, 100, 80, 253, 164, 139, 161, 46, 16, 78, 157, 235, 159, 184, 24, 129, 225, 196, 189, 242, 93, 146, 71, 244, 80, 200, 101, 146, 121, 104, 231, 115, 52, 244, 65, 79, 117, 167, 80, 225, 57, 84, 110, 58, 138, 115, 157]

ignisvulpis

FIDO Alliance

Javascript API for OpenID

ECDH-ES for JSON Web Encryption

Playing with Google's Identity Toolkit on openinfocard.org

Debugging OAuth2 SSL Connections

Identity Management @ RSA 2012 Europe

Myhabit.com unconfused

OpenID Connect Test Servers

Stackoverflow.com OpenID for Firefox Mobile Login

n dimensional Ping Space

OpenID for Firefox Mobile Android

All those NASCARs

OpenID for Firefox4

AES + Password Based Encryption for JSON Web Tokens

RSA Encrypting JSON

openinfocard drag and drop

Information Cards, WS-Trust and SAML and OAuth, oh my!

blogger.com refuses to obey to HTTPS Everywhere

Information Cards in JSON

URL as ID

HTML5 vs Flash

Application Secrets vs. Key Pairs

oauth 2.0 scope is the new black

XAuth is Evil

SHA256 et al in openinfocard


The OpenID icon in the toolbar