Giuseppe De Marco
Only in the OP we have to enable the POST method without colliding with the actual login form submission. This will be achieved when we implement the trust_chain parameter in...
We need to align the implementations with this: https://www.agid.gov.it/sites/default/files/repository_files/spid-avviso-n41-integrazione_ll.gg_._openid_connect_in_spid.pdf
Following the work done in release https://github.com/italia/spid-cie-oidc-django/releases/tag/v0.8.2 we have to consider that we don't have any mechanisms to check if a private_key_jwt is replied. I think that we should do...
Handle the SSO and the force authn if `"prompt": "consent login",` or ACR > L2
- [ ] have all the spid_cie_oidc.entity Federation API available
- [ ] small refactor to handle the absence of django.settings (a simple try/except with a fallback to os.environ ENV...
We're considering the requirement to improve the mechanism to mint new trust marks with more dynamic claims than these: https://github.com/peppelinux/spid-cie-oidc-django/blob/49649c2117ecd8fab2dda0bc7a9397030a996795/spid_cie_oidc/onboarding/models.py#L231. We must also consider having the exp claim dynamically defined...
Here, https://github.com/peppelinux/spid-cie-oidc-django/blob/f1694c6ae5f26d3e249f05f23e0e15cc8f8da2e7/spid_cie_oidc/authority/tests/test_02_trust_anchor_intermediary.py#L171, we need more coverage with faulty use cases.
If a user gets logged in and is a staff member (user.is_staff == True), we MUST redirect the user to the testing page instead of the consent one. In the...
We need all the trust chain and statement validations/operations to be independent from the Django framework. This way the code can be used/imported as it is even in a different...