Giuseppe De Marco

https://docs.python.org/3/library/enum.html that would prevent the creations of deprecated or unusable configuration fields

https://github.com/IdentityPython/oidc-op/pull/155/files#diff-fdd667e49ac1308c4888bce310067fbe8ffeee845186585dea4533179bca562fL228 we also need a timeslack paramenter (an integer in seconds) in the general configuration of an entity to have a more relaxed validation of exp

https://www.rfc-editor.org/rfc/rfc9126.html here https://github.com/IdentityPython/oidc-op/blob/master/docs/source/index.rst and also an usage example would be appreciated!

feat: Claims Aggregation

1

https://openid.net/specs/openid-connect-claims-aggregation-1_0.html this may introduce VC in oidcmsg? @rohe Probably we should have a separate library to handle VC and VP if you agree

feat: SIOP

1

https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued

The policy for doing JWE instead of JWS could be quite complex. Definitely per audience (RP/RS). Now, if there is more then one entity as audience then you suddenly has...

In usage_rules ,which is set per grant, we can specify the life time of a token but also how many times a token can be used. https://github.com/IdentityPython/oidc-op/blob/41d7f5e86ad086b6b3c266d1b92d54cbfe2b8733/example/flask_op/config.json#L68 For instance an...

standing on this example: https://github.com/IdentityPython/oidc-op/issues/97#issuecomment-859538350

@nsklikas We don't have a documentation about how to use this endpoint, would you like to put an example in the documentation as already done for token introspection? @rohe I...

PublicID sub_func takes sector_identifier (it would be for "scoped" needs, standing on what eduPersonUniqueID proposes to be) but it doesn't use it in sub generation. https://github.com/IdentityPython/oidc-op/blob/0fe80673e0478fb7d4a77e54b73733325eff5c45/src/oidcop/session/manager.py#L56 standing on the general...