oidc-op
oidc-op copied to clipboard
IdentityPython
An implementation of an OIDC Provider (OP)
There is a lot of code shared between https://github.com/IdentityPython/oidc-op/blob/master/src/oidcop/oauth2/token.py and https://github.com/IdentityPython/oidc-op/blob/master/src/oidcop/oidc/token.py. We should refactor the helper classes so that duplicate code is removed
The code in https://github.com/IdentityPython/oidc-op/blob/master/src/oidcop/token/handler.py#L172 doesn't make much sense to me. Why do we always have to create that jwks? Why do we always write it to disc? If I understand...
The policy for doing JWE instead of JWS could be quite complex. Definitely per audience (RP/RS). Now, if there is more then one entity as audience then you suddenly has...
In usage_rules ,which is set per grant, we can specify the life time of a token but also how many times a token can be used. https://github.com/IdentityPython/oidc-op/blob/41d7f5e86ad086b6b3c266d1b92d54cbfe2b8733/example/flask_op/config.json#L68 For instance an...
standing on this example: https://github.com/IdentityPython/oidc-op/issues/97#issuecomment-859538350
@nsklikas We don't have a documentation about how to use this endpoint, would you like to put an example in the documentation as already done for token introspection? @rohe I...
PublicID sub_func takes sector_identifier (it would be for "scoped" needs, standing on what eduPersonUniqueID proposes to be) but it doesn't use it in sub generation. https://github.com/IdentityPython/oidc-op/blob/0fe80673e0478fb7d4a77e54b73733325eff5c45/src/oidcop/session/manager.py#L56 standing on the general...