Reason object being put inside a field called 'context' looks confusing
https://openid.net/specs/authorization-api-1_0-01.html#section-6.2.3 defines a 'reasons' object that's put inside a field called 'context'. It looks a bit confusing. (e.g. putting it inside a field called 'reasons' would look simpler, or perhaps calling it the 'context reasons object' or some similar name).
It might be helpful if there was a clearly defined way to identify if what is in the context field is a reasons object or not.
+1 on the remark here. Especially with the reason having an id. It sounds like it should be reasons as a JSON array of multiple reasons pointing to the element to evaluate, depending on the elements to evaluate at least.
Proposed format for https://openid.github.io/authzen/#name-reason-object
```json
{
  "decision": true,
  "context": {
    "reasons": [
      {
        "id": "0",
        "reason_admin": {
          "en": "Request failed policy C076E82F"
        },
        "reason_user": {
          "en-403": "Insufficient privileges. Contact your administrator",
          "es-403": "Privilegios insuficientes. Póngase en contacto con su administrador"
        }
      }
    ]
  }
}
```
Linking to #278 and #264