Publish OAuth authorization server metadata endpoint

[dorkmatt]

Is your feature request related to a problem? Please describe. At SFMIX, we'd like to use PeeringDB as authentication for an upcoming election. The platform we're considering supports several authentication methods, including OpenID.

Ideally PDB would support OpenID, however for this ticket - we're assuming the currently implemented OAuth authentication support.

An endpoint can be published to discover PDB's OAuth availability, essentially offering a machine readable description of token, authentication, scopes, etc. This file format is described at numerous locations:

• https://sagarag.medium.com/how-do-you-discover-the-oauth2-server-configuration-d42d30ad5b9d
• https://datatracker.ietf.org/doc/html/rfc8414
• https://docs.pingidentity.com/r/en-us/pingfederate-112/pf_oauth_authorization_server_metadata_endpoint

Describe the solution you'd like Publishing of /.well-known/oauth-authorization-server file.

Do you think this feature will require a formal design? Unknown

What is the proposed priority? Not urgent

[grizz]

+1

[jackcarrozzo]

+1

[martinhannigan]

On Fri, Mar 29, 2024 at 03:18 Matt Peterson @.***> wrote:

Is your feature request related to a problem? Please describe. At SFMIX, we'd like to use PeeringDB as authentication for an upcoming election. The platform we're considering supports several authentication methods, including OpenID https://help.simplyvoting.com/docs/supported-remote-authentication-methods#openid-connect-oidc .

Ideally PDB would support OpenID, however for this ticket - we're assuming the currently implemented OAuth authentication support

+1 and timeline, hopefully before the election?