We have our own OpenID Connect Provider. Also we have our own SDK for Relying Party, which creates requests and then parses result. And now we want to make work our Provider with Owin/Katana clients.
According to OpenID Connect Spec we can use a "Request" object http://openid.net/specs/openid-connect-core-1_0.html#JWTRequests , in which we can pass requested claims and values of the claims to OpenID Connect Provider.
So my first question is: how can I pass "Request" object with requested claims and their values using Owin/Katana middleware? I cannot find any way to do that using Microsoft.Owin.Security.OpenIdConnect assembly. Seems we can only request scopes, and that's all.
And the second question (it is not critical for us but nonetheless): does Owin support "query" response mode? By default Owin uses implicit flow and "form_post" response mode. But when I tried to use "query" response mode then I didn't have any result (our Provider redirected to redirect_uri with id_token in query parameter, but Owin didn't catch it, with "form_post" response mode everything worked fine). Tried this code:
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
...
Response_Mode = "query",
...
});
I will be grateful for any your help.
