search

IdentityPython / idpy-oidc

Implementation of everything OIDC and OAuth2
Apache License 2.0
40 stars 22 forks source link

A couple of fixes #76

Closed rohe closed 1 year ago

rohe commented 1 year ago
  1. (johnbyrne7) I got these 2 working together OK after your changes. I did have to make a few adjustments:
    • example/flask_rp/config.json was not valid json
    • added flask to requirements.txt
    • improved the example/*/run.sh scripts and readme
    • example/flask_rp requires current dev version of idpy-oidc. pip package doesn't work for it
  2. (ctriant) Fix returned _supports on token endpoint
  3. (ctriant) This MR unbinds the authentication event lifetime validation from the userinfo response.
The userinfo endpoint should only consider the provided token, that must fullfill the following criteria:
    1. the token is an access-token
    2. the access-token is valid (not expired or revoked)
    3. the access-token includes the openid scope
rohe commented 1 year ago

I asked for a review 2 month ago and still no response. @c00kiemon5ter and @peppelinux please review.