Django-Solid-OIDC-Provider
EDIT: this issue originally focussed on consolidating parts of DjangoLDP-Account's functionality into Django-WebID-OIDC-Provider. This I think is covered by #5 so now the scope of the issue can be relating to the changes in the Solid OIDC specification from the older WebID OIDC specification
See #6 (closed) for background and a comparison of the two specifications
Without further ado here are the tasks I think will be involved in the upgrade:
-
DPoP (OP-side #1 (closed) , RS-side djangoldp-account#70 (closed)) -
Client identifiers as URI (#10 ) -
code_challenge_methods_supported
key should be returned inProviderInfoView
response (optional) -
Implicit grant type support dropped for security reasons -
user's webid is stored on client, but since we store the
user
, who should have a webid, this may be implicit - access token fields. Being covered in the work on DPoP
-
webid
in id_token. Being covered in the work on DPoP -
MUST advertise solid-oidc conformance in OIDC discovery - included missing RS-side steps in djangoldp-account#70 (closed)