I was considering just monkey patching / copying the pattern here for ID Token validation (it's very nice).
But before I do, thought I'd stop and ask - what's the reason I'm not seeing some back channel support here already?
Are you just looking to support core OIDC here? or are you interested in extension too?
I get we're implimenting a draft too, so perhaps you're hanging on until it's published?
I've got a relaying party using openid_connect, and we're looking to impliment the OpenID Connect Back-Channel Logout 1.0 - draft 07 spec.
There are some LogoutToken validation requirements that look eerily similar to the kind of stuff we're doing here over in the response_token/id_token.rb.
I was considering just monkey patching / copying the pattern here for ID Token validation (it's very nice). But before I do, thought I'd stop and ask - what's the reason I'm not seeing some back channel support here already?
Are you just looking to support core OIDC here? or are you interested in extension too? I get we're implimenting a draft too, so perhaps you're hanging on until it's published?