authlib icon indicating copy to clipboard operation
authlib copied to clipboard
verified publisher icon lepture

RFC8414 - Automatically generate the server metadata file

Open azmeuk opened this issue 5 years ago • 0 comments

I am not sure if this ticket belongs in github or stackoverflow.

With version 0.14.3 authlib can load and check a hand-written oauth-server-metadata file (defined in RFC8414) and let authlib check its validity.

However, I wonder if this file could be automatically generated and served with authlib. One could statically define the issuer and some other fields such as response_types_supported, but I suppose most endpoints could be collected with decorators. For instance, with a flask integration:


@authlib.rfc8414.endpoint(
    "token",
    auth_metods=["client_secret_basic", "private_key_jwt"],
    alg=["RS256", "ES256"],
)
@bp.route("/token, methods=["POST"])
    return authorization.create_token_response()

I suppose that would require a bit of work though, but I wanted to share the idea with you. What do you think?

azmeuk avatar Aug 25 '20 09:08 azmeuk