oidcc
oidcc copied to clipboard
erlef
OpenId Connect client library in Erlang & Elixir
> @maennchen I did have one question about this. My read of the spec was that `RS256` should be allowed but not `HS256`, but there's a specific test case which...
### Description Defined in [JWT Response for OAuth Token Introspection](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwt-introspection-response-12) and required for the [FAPI 2.0 Message Signing](https://openid.bitbucket.io/fapi/fapi-2_0-message-signing.html) profile. See #317.
### Description for FAPI 2.0 - Message Signing * https://openid.bitbucket.io/fapi/fapi-2_0-message-signing.html#name-http-message-signing * https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures-19
### oidcc version 3.2.0 ### Erlang version 27.0 ### Elixir version 1.17.2 ### Summary Attempting to integrate with kanidm (https://kanidm.com) as an OIDC provider, I am unable to successfully start...
resolves #364 previously could only introspect a client_id's own token, introspect needs to be able to introspect any token for an issuer. It is my understanding from https://datatracker.ietf.org/doc/html/rfc7662 that introspect...
### oidcc version 3.2.0 ### Erlang version 26.2.5 ### Elixir version - ### Summary calls to `oidcc_provider_configuration_worker:get_provider_configuration/1` randomly times out. It seems that this is somehow related to httpc timing...
### Discussed in https://github.com/erlef/oidcc/discussions/362 Originally posted by **danj3** July 30, 2024 There's a line in oidcc_token_introspection.erl:extract_response: ``` IntrospectionClientId == ClientId; IntrospectionClientId == undefined ``` Which seems to mean that the...
### Description According to the docs, there are four supported authentication methods: `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, and `private_key_jwt`. As such, all functions in `Oidcc` require both a client ID and client...
