openid / AppAuth-JS

JavaScript client SDK for communicating with OAuth 2.0 and OpenID Connect providers.
Apache License 2.0

Need support for openid endpoints #50

Closed markphillips100 closed 6 years ago

markphillips100 commented 6 years ago

Expected Behavior

Fetching .well-known/openid-configuration from the authority should return both userinfo_endpoint and end_session_endpoint URLs if available so that the consumer can request information about the user identity and also revoke the identity at the authority. This would allow support for user sign-out at the authority.

Describe the problem

[REQUIRED] Actual Behavior

The URLs for userinfo_endpoint and end_session_endpoint authority endpoints are not available in the type AuthorizationServiceConfiguration as optional properties.

[REQUIRED] Steps to reproduce the behavior

N/A

[REQUIRED] Environment

tikurahul commented 6 years ago

I re-read your question. Sorry. Can you please include an example OpenID provider where this information is specified in the config?

markphillips100 commented 6 years ago

I use IdentityServer 4 for my app's OpenID provider. You can find documentation on it here.

There are samples available from their GitHub repos showcasing most of, if not all, the specification.

They support an Implicit flow for SPA clients through the use of their OSS JS library oidc-client-js. This has been used in the past by some, including myself, in a Cordova application by using some extra code to wrap an embedded user-agent (InAppBrowser Cordova plugin).

It is no longer recommended practice to use an embedded user-agent, hence the push to use this library, since it supports Authorization Code flow + PKCE.
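
The request in this issue, sketched as an added example that is not code from AppAuth-JS or from anyone in this thread: a discovery document is parsed with userinfo_endpoint and end_session_endpoint as optional properties, and a sign-out URL is built only when the provider advertises one. The helper names, the idp.example host and the sample document are assumptions; the query parameters are those defined by OpenID Connect RP-Initiated Logout.

```javascript
// Added example: hypothetical helper names, not AppAuth-JS APIs.
const REQUIRED = ['authorization_endpoint', 'token_endpoint'];
const OPTIONAL = ['userinfo_endpoint', 'end_session_endpoint'];

// Constructed sample discovery document (idp.example is a placeholder host).
const SAMPLE_DISCOVERY = {
  issuer: 'https://idp.example',
  authorization_endpoint: 'https://idp.example/connect/authorize',
  token_endpoint: 'https://idp.example/connect/token',
  userinfo_endpoint: 'https://idp.example/connect/userinfo',
  end_session_endpoint: 'https://idp.example/connect/endsession',
};

function requireHttps(name, value) {
  let url;
  try { url = new URL(value); } catch { throw new Error(`${name} is not a valid URL`); }
  if (url.protocol !== 'https:') throw new Error(`${name} must use https`);
  return value;
}

// expectedIssuer is the authority the document was fetched from.
function parseDiscovery(doc, expectedIssuer) {
  // OIDC Discovery: the issuer must be identical to the one that was queried.
  if (doc.issuer !== expectedIssuer) throw new Error('issuer mismatch');
  const config = { issuer: requireHttps('issuer', doc.issuer) };
  for (const key of REQUIRED) {
    if (typeof doc[key] !== 'string') throw new Error(`missing ${key}`);
    config[key] = requireHttps(key, doc[key]);
  }
  for (const key of OPTIONAL) {
    // Optional metadata stays undefined when the provider omits it.
    if (typeof doc[key] === 'string') config[key] = requireHttps(key, doc[key]);
  }
  return config;
}

// Returns null when the provider advertises no end_session_endpoint.
function buildEndSessionUrl(config, idToken, postLogoutRedirectUri, state) {
  if (!config.end_session_endpoint) return null;
  const url = new URL(config.end_session_endpoint);
  url.searchParams.set('id_token_hint', idToken);
  url.searchParams.set('post_logout_redirect_uri', postLogoutRedirectUri);
  url.searchParams.set('state', state);
  return url.href;
}
```

Rejecting a mismatched issuer or a non-https endpoint at parse time keeps a tampered discovery response from redirecting the sign-out or userinfo request to another host.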