italia / Satosa-Saml2Spid

SATOSA SAML-to-SAML proxy with Spid compliances
Apache License 2.0

[Backend] SPID/CIE id OIDC support #61

Open peppelinux opened 1 year ago

peppelinux commented 1 year ago

Assumptions

  1. Satosa-Saml2Spid supports OIDC and OAuth2 in its Frontend called satosa-oidcop
  2. SPID and CIE id now support OIDC, following OpenID Federation 1.0 and iGov
  3. The Italian implementation profile adopts security best practices and requires full compliance with both SPID and CIE id test plans

Requirements

  1. Satosa-Saml2Spid needs an OIDC RP backend compliant with SPID and CIE id
  2. The SPID and CIE OIDC Backend has to support OIDC Federation 1.0
  3. The authentication button in the discovery page should be built automatically, following the OIDC Federation API and the list of Metadata (if local files or MQD query to /entities)