Aurélien Bompard
Aurélien Bompard
Thanks for posting here @brucewilson ! It looks like this relies on the [RP-Initiated Logout](https://openid.net/specs/openid-connect-rpinitiated-1_0.html) spec, which is not a draft anymore. There is even [an Authlib ticket](https://github.com/lepture/authlib/issues/500) about implementing...
> @abompard I haven't touched the CMake code in a while. Walk me a bit through what's going on here and in your setup. Of course, thanks for responding. >...
Huh, now I can't recall where this file is coming from. I thought it was from upstream, but it's not, actually. I'll get back to you shortly.
Turns out I had written this file myself and failed to name it properly :facepalm: Sorry for wasting your time.
Hmm, I don't think that this library can have any control over how the identity provider is redirecting to your app. Or can it?
I agree that the default callback handler should check that the redirected URL is either relative or on the same domain.
Hi! That's surprising, flask-oidc provides a blueprint named `oidc_auth` and registers it with the app when the extension is instantiated (or when `init_app()` is called). How is the `OpenIDConnect` object...
In theory you should be able to refresh you access token as long as the refresh token is still valid. Could you add a `raise` in the except block at...
Hey! Unfortunately I'm not aware of this datagrepper deployment. Could you please contact the person in Red Hat that is responsible for it? I'm happy to help debug things if...
Unfortunately, it looks like the CA needs to be entirely regenerated, because the CA cert is also missing the critical extention on Basic Constraints. This means regenerating all the certs...