Max Batischev

Hi @sjohnr. I think this issue should be split into two issues: "Add support Oauth 2.0 Step-up Authentication Challenge Protocol for resource server" and "Add support Oauth 2.0 Step-up Authentication...

@sjohnr tanks for your feedback! > I would also like to know if there is strong demand for supporting this specification. I opened this issue for a reason. There is...

Hi @marcusdacoregio. Can I take this to work?

Hi @jgrandja , you can see the implementation of this specification, for example, in [keycloack](https://github.com/keycloak/keycloak-community/blob/main/design/client-initiated-backchannel-authentication-flow.md). Personally, I think ciba is a very important flow, it can be used to authenticate...

@jgrandja I don't know why the document status is draft this, but CIBA is implemented in Keycloak and you can easily find a guide on how to set it up....

Hey @iigolovko thanks for your valuable suggestion, but it would be better to create a ticket for this feature. It is quite possible that as a result of discussion we...

I can suggest a simple solution - add `setServerLogoutSuccessHandler`. This will allow you to implement your `RedirectServerLogoutSuccessHandler` and pass it to `OidcClientInitiatedServerLogoutSuccessHandler`, for example: ``` public class RedirectOidcServerLogoutSuccessHandler extends RedirectServerLogoutSuccessHandler...

Hi @jzheaux this is a very interesting solution. I considered this solution, but I was confused by the fact that such an implementation is rarely found in the spring security...

@jzheaux I agree it looks unsafe. @stipx said: "In order to be able to work with some restrictive SSO implementations sometimes additional parameters are needed (like "state") in order that...

@jzheaux good solution! I have updated PR.