openid / AppAuth-JS

JavaScript client SDK for communicating with OAuth 2.0 and OpenID Connect providers.
Apache License 2.0

Is this library maintained at all? 🚩 #204

Closed justin-barca-at-camis closed 2 years ago

justin-barca-at-camis commented 2 years ago

Expected Behavior

Issues are tagged, triaged and addressed in a timely fashion.

Describe the problem

[REQUIRED] Actual Behavior

openid as author lends this library some legitimacy but issues go unaddressed for months without community or maintainer engagement. Developers suffer from clunky low-level boilerplate code in attempts to avoid an alternative poorly maintained solution that many other resources are built upon. Common flows like token revocation and token refresh are not well-documented.

For the sake of accountability it would be good to know just how many resources from the OpenID Foundation are being dedicated to maintain this library, if any. Authorization flows are mission-critical and developers should know the risks and technical debt they take on in using this library.

tikurahul commented 2 years ago

> but issues go unaddressed for months without community or maintainer engagement

Bugs do not go unaddressed. FRs on the other hand don't carry the same amount of weight given the library is open source and you can fork it to do what you want.

> Common flows like token revocation and token refresh are not well-documented.

Token Refreshes are supported very well; it would not be much of a library if we did not do that. Did you look at the samples at all? Token revocations are also supported.

Please look at the sample apps and read the documentation. This is not meant to be a high level OAuth2 library. The goal of this library is to be able to customize the parts you need, so you can accomplish your goal without sweating all the details.

justin-barca-at-camis commented 2 years ago

@tikurahul I did look at the samples but the instructions in this readme are inaccurate:

> An example application using the library is included in the src/node_app folder and at https://github.com/googlesamples/appauth-js-electron-sample.

The referenced folder does not exist. The signout function of the flow.ts file just deletes the token on the client side.

I did overlook the revocation demonstration therein though, sorry about this and thanks for the nudge.

tikurahul commented 2 years ago

https://github.com/openid/AppAuth-JS/blob/master/src/node_app/index.ts is the example.

https://github.com/googlesamples/appauth-js-electron-sample is a different repo, and uses appauth.