-
- Downloads
OpenID Connect Core 1.0 and Discovery 1.0 support
Limited to OpenID provider conformance profiles "Basic" and "Config": - Support for features mandatory to implement for all OpenID Providers, not the feature set for Dynamic OpenID Providers - Only Authorization Code Flow, no support for Implicit/Hybrid Flow - Only code response type, no support for token/id_token - Server metadata is served at /.well-known/openid-configuration Additional/optional features: - Support for "claims" parameter - Support for standard scopes "profile" and "email" - Support for non-standard scope/claim "groups" (in violation of RFC 9068) Compatability with existing (working) uffd client setups: Authorization requests without the "openid" scope behave the same as before Prior to this change authorization requests with the "openid" scope were rejected by uffd. This change adds direct dependencies to pyjwt and cryptography. Prior to this change both were already transitive dependencies of oauthlib.
Showing
- README.md 46 additions, 1 deletionREADME.md
- debian/control 2 additions, 1 deletiondebian/control
- setup.py 2 additions, 3 deletionssetup.py
- tests/migrations/test_fuzzy.py 2 additions, 2 deletionstests/migrations/test_fuzzy.py
- tests/models/test_oauth2.py 158 additions, 0 deletionstests/models/test_oauth2.py
- tests/views/test_oauth2.py 700 additions, 5 deletionstests/views/test_oauth2.py
- uffd/migrations/versions/01fdd7820f29_openid_connect_support.py 148 additions, 0 deletions...igrations/versions/01fdd7820f29_openid_connect_support.py
- uffd/models/__init__.py 1 addition, 1 deletionuffd/models/__init__.py
- uffd/models/oauth2.py 183 additions, 20 deletionsuffd/models/oauth2.py
- uffd/models/service.py 10 additions, 0 deletionsuffd/models/service.py
- uffd/views/oauth2.py 449 additions, 212 deletionsuffd/views/oauth2.py
Loading
Please register or sign in to comment