Development #6982
Mis à jour par Benjamin Dauvergne il y a environ 9 ans
The first target is the Authorization Code Flow which[1] matches more or less what we called an OAuth2 IdP before.
No refresh token should be produced.
Supported features:
* id token signed with RSA key
* auth_time in id token
* max_age
* prompt {none,login} for the ID token is not necessary for now.
* display {page,popup}
* "OIC Metadata":http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
* "RP initiated logout":http://openid.net/specs/openid-connect-session-1_0.html#RPLogout and end_session_endpoint in metadata
fn1. "Authentication using the Authorization Code Flow":http://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth
No refresh token should be produced.
Supported features:
* id token signed with RSA key
* auth_time in id token
* max_age
* prompt {none,login} for the ID token is not necessary for now.
* display {page,popup}
* "OIC Metadata":http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
* "RP initiated logout":http://openid.net/specs/openid-connect-session-1_0.html#RPLogout and end_session_endpoint in metadata
fn1. "Authentication using the Authorization Code Flow":http://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth