Closed selfissued closed 4 years ago
Have issued a PR on pyOIDC to fix this.
The change to pyOIDC has been accepted and merged.
it is included in pyoidc 1.1.2 and as such part of OP release 2.3.1 and RP 1.2.1 https://github.com/openid-certification/oidctest/releases/tag/v1.2.3
The Front-Channel and Back-Channel specs say that
frontchannel_logout_session_supported
andbackchannel_logout_session_supported
SHOULD be registered but that if they're not present, their default values arefalse
. The certification tool flags it as an ERROR if these are missing in OP-FrontChannel-Discovery and OP-BackChannel-Discovery, rather than using the specifiedfalse
values.See the spec text at https://openid.net/specs/openid-connect-frontchannel-1_0.html#OPLogout and https://openid.net/specs/openid-connect-backchannel-1_0.html#BCSupport.
See the errors at https://op.certification.openid.net:60046/test_info/OP-FrontChannel-Discovery and https://op.certification.openid.net:60046/test_info/OP-BackChannel-Discovery.