Mark

Awesome. When can we have it? Only kidding.

Thank you for giving it a go, it's a real head-scratcher for sure. I figured those MVC parts would get in the way. Default action results, request binding, etc. I'm...

I've forked and am part way through an attempt. Not sure how much time I can spend on it over the next week or so but will report back with...

@mauroservienti I've made an attempt at some sort of separation of concerns in this [branch](https://github.com/markphillips100/ServiceComposer.AspNetCore/tree/inprocess-context). I stripped out a lot of what would be obsolete code but also code that...

@mauroservienti I further branched off that branch with a slightly amended implementation to support abstracting away the result type so as for the core not to be dependent on "result"...

@mauroservienti As predicted, I have another variation to consider :-) New branch at [generic-context](https://github.com/markphillips100/ServiceComposer.AspNetCore/tree/generic-context). This one generalizes composition context, handler and the registry as generic implementations so either endpoint-based (HttpRequest/IActionResult)...

Can I ask why not just have the cookie expiry set by the id_token lifetime instead? OpenIdConnectAuthenticationOptions's UseTokenLifetime value is true by default. Once the expiry time is reached a...

Sorry, I had assumed your login workflow was hosted by IS3. In my assumed scenario if the cookie has expired or rejected by the cookie middleware and the user hasn't...

For the Cordova implementation, which internally uses InAppBrowser for communicating with an Identity Server, the redirect URI is used to inform the oidc library that the browser session should end...

Inappbrowser just detects for the presence of the redirect Uri that is sent back with the token at the end of the login flow. Once it detects the Uri it...