authlib icon indicating copy to clipboard operation
authlib copied to clipboard

Published 20 hours ago verified publisher icon lepture

OpenID Connect session management

Open azmeuk opened this issue 5 years ago • 3 comments
trafficstars

I suggest implementing the OpenID Connect session management draft in authlib, even if it is still a draft. There has been 30 iterations, so it feels quite stable now. Authlib could warn the user with a message like: this is a draft, API may brutally change to follow the draft iterations, use it at your own risks.

That would mean providing:

  • an addition session_state parameter to the authorization response;
  • a check_session_iframe endpoint, and iframe content;
  • a end_session_endpoint endpoint.

What do you think?

Related issues #500 #560 #561

azmeuk avatar Nov 13 '20 15:11 azmeuk

Hi @azmeuk

I would like to put a delay on this ticket. I'm working on to make an Authlib 1.0 release. This can be something later, maybe 1.2 or 1.3.

lepture avatar Nov 15 '20 09:11 lepture

For the record, the specification is not a draft anymore since september 12th

azmeuk avatar Oct 24 '22 10:10 azmeuk