Add OIDC Discovery support #11

Open

@dwt

This makes it massively easier to integrate with existing OIDC clients.

After getting the jwks_uri endpoint to work as described in #2 I added this handler to get auto discovery to work:

```python
from flask import jsonify, url_for

# `bp` (the Flask Blueprint) and `JWT_CONFIG` come from the surrounding example app.


@bp.route("/.well-known/openid-configuration")
def well_known_openid_configuration():
    def external_url(function_name):
        # Endpoint names are relative to this blueprint; _external=True
        # makes url_for emit an absolute URL, which discovery requires.
        return url_for(function_name, _external=True)

    return jsonify({
        "authorization_endpoint": external_url('.authorize_endpoint'),
        "token_endpoint": external_url('.token_endpoint'),
        "userinfo_endpoint": external_url('.userinfo_endpoint'),
        "jwks_uri": external_url('.jwks_endpoint'),
        # Do I even need this one?
        # IMO the OIDC server doesn't have a concept of a user being still logged in? --mh
        # "end_session_endpoint": "http://oidc:4000/openid/end-session",
        "id_token_signing_alg_values_supported": [
            "HS256",
            "RS256"
        ],
        # Must match the `iss` claim put into issued ID tokens.
        "issuer": JWT_CONFIG['iss'],
        "response_types_supported": [
            "code",
            # TODO check what it takes to support these too
            # "id_token",
            # "id_token token",
            # "code token",
            # "code id_token",
            # "code id_token token"
        ],
        "subject_types_supported": [
            "public"
        ],
        "token_endpoint_auth_methods_supported": [
            # TODO is supporting both a good idea? --mh
            "client_secret_post",
            "client_secret_basic"
        ],
    })
```

@lepture is there a way to add this to the example code? Or use this as a starting point to add it? (I'm not particularly sure this is even right.)
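The handler above publishes whatever `JWT_CONFIG['iss']` holds, and OpenID Connect Discovery requires that value to match the URL the document was fetched from; a client that skips that comparison will trust ID tokens from a provider that is not the one it thinks it is talking to. The following is an added example, not code from this issue or from the project: a relying-party-side check that parses a discovery document, verifies the issuer against the well-known URL, and rejects a few other unsafe configurations. The issuer `https://op.example/openid` and both sample documents are constructed for the example; the "good" one mirrors what the handler in the issue would return.

```python
"""Check an OpenID Provider discovery document before trusting it.

Added example, not part of the issue or the project. The issuer URL
https://op.example/openid and both sample documents are constructed.
"""
import json
from urllib.parse import urlparse

WELL_KNOWN_PATH = "/.well-known/openid-configuration"

# Metadata values an OpenID Provider is required to publish
# (OpenID Connect Discovery 1.0, section 3).
REQUIRED_FIELDS = (
    "issuer",
    "authorization_endpoint",
    "jwks_uri",
    "response_types_supported",
    "subject_types_supported",
    "id_token_signing_alg_values_supported",
)


def expected_issuer(well_known_url: str) -> str:
    """Issuer a document fetched from well_known_url must claim."""
    if not well_known_url.endswith(WELL_KNOWN_PATH):
        raise ValueError(f"not a discovery URL: {well_known_url}")
    return well_known_url[: -len(WELL_KNOWN_PATH)]


def validate_discovery(doc: dict, well_known_url: str) -> list:
    """Return the list of problems found; an empty list means the document is usable."""
    problems = [f"missing required field {f}" for f in REQUIRED_FIELDS if f not in doc]
    if problems:
        return problems

    issuer = doc["issuer"]
    # Discovery section 4.3: the issuer value must match the URL the document
    # was fetched from; otherwise a hostile or misconfigured server could hand
    # out tokens that the relying party attributes to a different provider.
    if issuer.rstrip("/") != expected_issuer(well_known_url).rstrip("/"):
        problems.append(f"issuer {issuer!r} does not match discovery URL {well_known_url!r}")
    parsed = urlparse(issuer)
    if parsed.scheme != "https":
        problems.append("issuer must use https")
    if parsed.query or parsed.fragment:
        problems.append("issuer must not carry a query or fragment")

    # Every advertised endpoint must be an absolute https URL.
    for key in ("authorization_endpoint", "token_endpoint", "userinfo_endpoint", "jwks_uri"):
        if key in doc:
            p = urlparse(doc[key])
            if p.scheme != "https" or not p.netloc:
                problems.append(f"{key} is not an absolute https URL: {doc[key]!r}")

    algs = doc["id_token_signing_alg_values_supported"]
    if "RS256" not in algs:
        problems.append("RS256 must be among the ID token signing algorithms")
    if "none" in algs:
        problems.append("unsigned ID tokens (alg none) advertised")

    if "code" in doc["response_types_supported"] and "token_endpoint" not in doc:
        problems.append("code flow advertised but no token_endpoint")
    return problems


def load_and_validate(raw_json: str, well_known_url: str) -> list:
    """Parse an HTTP response body, then validate the document it carries."""
    return validate_discovery(json.loads(raw_json), well_known_url)


# Constructed sample: what the handler in the issue would return for a
# provider whose issuer is https://op.example/openid.
ISSUER = "https://op.example/openid"
WELL_KNOWN_URL = ISSUER + WELL_KNOWN_PATH
GOOD_DOC = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/authorize",
    "token_endpoint": ISSUER + "/token",
    "userinfo_endpoint": ISSUER + "/userinfo",
    "jwks_uri": ISSUER + "/jwks",
    "id_token_signing_alg_values_supported": ["HS256", "RS256"],
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic"],
}

# Constructed sample: the same document from an instance whose JWT_CONFIG['iss']
# was left at a development value, so issuer and discovery URL disagree.
BAD_DOC = dict(GOOD_DOC, issuer="http://oidc:4000/openid")

if __name__ == "__main__":
    print(validate_discovery(GOOD_DOC, WELL_KNOWN_URL))
    print(validate_discovery(BAD_DOC, WELL_KNOWN_URL))
```

Two points follow from the checks: the issuer comparison is what makes the `JWT_CONFIG['iss']` line in the handler security-relevant, since a value that does not equal the public base URL fails every conforming client; and advertising HS256 next to a `jwks_uri` is allowed but of limited use, because an HS256 ID token is verified with the client secret rather than with anything published at `jwks_uri`, which is why the check insists on RS256 being present rather than on HS256 being absent.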
