Provider implementation #189
Comments
|
I want to add, I really appreciate the idea of a framework-independent base OIDC library! |
|
Hey @andrewbaxter, Great points! The provider-side functionality currently offered by this crate is mostly around generating responses (e.g., serializing and signing ID tokens, To parse requests, I think we'd need to introduce new provider-side types. It would feel off to have methods for sending requests (e.g., For the I won't have bandwidth to implement these changes in the foreseeable future, but I would be willing to shepherd them through for an interested contributor. |
|
Oh awesome, thanks for the reply! Same here, but if I have some time I might give it a try. Yeah, when I pushed a bit farther (for my super minimal provider) the only thing that was really missing was the query string stuff. In any case, thanks for clarifying and adding direction! |
Sorry if I missed something - I did try to dig around, but I don't think there are any specific examples or other issues/discussions related to this.
I'm trying to implement a lightweight oidc provider. AFAIK that usage is within the scope of this crate - the readme has an example for the provider-side well-known endpoint data for instance, providing a struct the provider can return to clients.
I'm trying to parse the query parameters of the initial request to the authenticate endpoint (
?redirect_url=abc,state=xyz,...probably withserde_urlencoded) and while there are types that correspond to this data (RequestUrl, or maybeAuthorizationRequest?) they're closed and tightly coupled with the client-side.Could pure-data types maybe be split out and opened up, or maybe similar provider-side structs be provided? I'm not sure how best to handle it. Though I guess I'd prefer having a bunch of data structs but no help with the request flow than help for part of the request flow but not all the data structs.
The text was updated successfully, but these errors were encountered: