IdentityPython / oidc-op

An implementation of an OIDC Provider (OP)
Apache License 2.0

Pairwise ID relies on sector_identifier_uri in auth request #206

Open vladimir-mencl-eresearch opened 1 year ago

vladimir-mencl-eresearch commented 1 year ago

Hi,

This is partly related to UniversitaDellaCalabria/SATOSA-oidcop#20 and UniversitaDellaCalabria/SATOSA-oidcop#21 (which give some more context).

When trying to use pairwise sub_type with oidcop, I was getting the same sub values for both public and pairwise types - and realised it was because sector_identifier being passed by create_grant to the sub functions was an empty string.

And I found it's populated with auth_req.get("sector_identifier_uri", "").

I managed to set it by explicitly including it as an extra parameter in the Authn request with:

OIDCAuthRequestParams sector_identifier_uri=client.example.org

... but this uncovers several issues:

I believe this could be addressed by extending the interface of create_grant and create_session to also take a sector_identifier attribute - which would be populated from the client registration database available in the code making these calls (such as OidcOpFrontend).

Thanks a lot in advance for considering this.

Cheers, Vlad
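The derivation behind the symptom above, as an added example that is not code from oidc-op or SATOSA-oidcop: a pairwise `sub` computed per OIDC Core section 8.1 from the sector identifier in the client's registration record, next to a version that, like the pattern described in the report, takes the sector identifier from the authorization request and therefore collapses to the public `sub` whenever the RP does not send `sector_identifier_uri`. The client records, hostnames, salt and function names are constructed for illustration.

```python
import hashlib
from urllib.parse import urlparse

# Constructed client registration records (sample data, not from a real OP).
CLIENT_DB = {
    "rp-a": {"redirect_uris": ["https://a.client.example.org/cb"],
             "sector_identifier_uri": "https://client.example.org/sectors.json"},
    "rp-b": {"redirect_uris": ["https://b.client.example.org/cb"],
             "sector_identifier_uri": "https://client.example.org/sectors.json"},
    "rp-c": {"redirect_uris": ["https://other.example.net/cb"]},
}


def sector_identifier(client_id):
    """Resolve the sector identifier from the client's registration
    (OIDC Core 8.1): host of sector_identifier_uri if registered,
    otherwise the host of the single registered redirect_uri."""
    reg = CLIENT_DB[client_id]
    uri = reg.get("sector_identifier_uri")
    if not uri:
        hosts = {urlparse(u).hostname for u in reg["redirect_uris"]}
        if len(hosts) != 1:
            raise ValueError("several redirect hosts: sector_identifier_uri required")
        uri = reg["redirect_uris"][0]
    return urlparse(uri).hostname


def public_sub(uid, salt):
    return hashlib.sha256(f"{uid}{salt}".encode()).hexdigest()


def pairwise_sub(uid, sector, salt):
    # SHA-256(sector_identifier || local_account_id || salt), as in OIDC Core 8.1.
    # With sector == "" this is byte-for-byte public_sub(uid, salt).
    return hashlib.sha256(f"{sector}{uid}{salt}".encode()).hexdigest()


def buggy_sub(uid, auth_req, salt):
    # Pattern the issue describes: sector taken from the authorization request,
    # so it is "" unless the RP sends sector_identifier_uri itself.
    return pairwise_sub(uid, auth_req.get("sector_identifier_uri", ""), salt)


def fixed_sub(uid, client_id, salt):
    # Sector comes from the registration database, independent of the request.
    return pairwise_sub(uid, sector_identifier(client_id), salt)
```

Two clients registered under the same sector (rp-a, rp-b) get the same pairwise `sub` for a user, a client in another sector (rp-c) gets a different one, and none of them equals the public `sub`.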

peppelinux commented 1 year ago

Considering satosa-oidcop, I'd suggest continuing to work on this branch https://github.com/UniversitaDellaCalabria/SATOSA-oidcop/tree/idpy-oidc

and complete the migration to idpy-oidc

vladimir-mencl-eresearch commented 1 year ago

Sorry, I may be lost in the different projects ... what is the difference between IdentityPython/oidc-op and IdentityPython/idpy-oidc ?

peppelinux commented 1 year ago

IdentityPython/oidc-op is not maintained anymore; developers' efforts have moved to idpy-oidc.

satosa-oidcop has to switch to idpy-oidc. I started, then a configuration refactoring stopped me; now I'm looking for contributors who can help with development and confirm satosa-oidcop as concrete community-driven software (as it was from the beginning!).

vladimir-mencl-eresearch commented 1 year ago

Thanks!

So idpy-oidc is a rewrite of oidc-op - or a replacement that started as a new project?

And where does pyop fit into that picture?

Cheers, Vlad

peppelinux commented 1 year ago

A rewrite

pyop is dead.

We need you, please join the dev team!