This project is a Python implementation of everything OpenID Connect and OAuth2.
idpyoidc is the 2nd layer in the JwtConnect stack (cryptojwt, idpyoidc). As OIDC OP Idpy implements the following standards:
- OpenID Connect Core 1.0 incorporating errata set 1
- Web Finger
- OpenID Connect Discovery 1.0 incorporating errata set 1
- OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1
- OpenID Connect Session Management 1.0
- OpenID Connect Back-Channel Logout 1.0
- OpenID Connect Front-Channel Logout 1.0
- OAuth2 Token introspection
- OAuth 2.0 Form Post Response Mode
It also comes with the following add_on modules.
- Custom scopes, that extends OIDC standard ScopeClaims
- Proof Key for Code Exchange by OAuth Public Clients (PKCE)
- OAuth2 PAR
- OAuth2 RAR
- OAuth2 DPoP
- OAuth 2.0 Authorization Server Issuer Identification
If you want to add or replace functionality the official documentation should be able to tell you how.
If you are just going to build a standard OP you only have to understand how to write your configuration file.
In example/ folder you'll find some complete examples based on flask and django.
Please read the Official Documentation for getting usage examples and further informations.
Your contribution is welcome, no question is useless and no answer is obvious, we need you.
Please open an issue if you've discoveerd a bug or if you want to ask some features.
Please open your Pull Requests on the develop branch. Please consider the following branches:
- main: where we merge the code before tag a new stable release.
- develop: where we push our code during development.
- other-custom-name: where a new feature/contribution/bugfix will be handled, revisioned and then merged to dev branch.
The entire project code is open sourced and therefore licensed under the Apache 2.0.