Closed zandbelt closed 4 years ago
You're right! Must change that in pyoidc. Will issue another PR when the one on post logout without a post_logout_redirect_uri has been handled unless I can combine them.
The RP has been accepted and merged into the master branch of pyOIDC.
in the latest release now https://github.com/openid-certification/oidctest/releases/tag/v1.2.3
According to https://openid.net/specs/openid-connect-backchannel-1_0.html#BCRequest the backchannel logout request should have the
Content-Type
set toapplication/x-www-form-urlencoded
. It looks like the test suite (i.e. pyoidc) does not set this header, can you confirm?