* Log create_uri_response exceptions to logger.exception
* Support grant type password - basics
* Add tests for Resource Owner Password Credentials Flow
* Password Grant -Response according to specification
* Better tests for errors, disable grant type password by default
* Add documentation for grant type password
* User authentication failure to return 403
* Add id_token to response
* skipping consent only works for confidential clients
* fix URI fragment
example not working URL `http://localhost:8100/#/auth/callback/`
* OIDC_POST_END_SESSION_HOOK + tests
* Explicit function naming
* Remove print statements
* No need for semicolons, this is Python
* Update CHANGELOG.md
* fixed logger message
* Improved `exp` value calculation
* rename OIDC_POST_END_SESSION_HOOK to OIDC_AFTER_END_SESSION_HOOK
* added docs for OIDC_AFTER_END_SESSION_HOOK
* Replaces `LOGIN_URL` with `OIDC_LOGIN_URL`
so users can use a different login path for their oidc requests.
* Adds a setting variable for custom template paths
* Updates documentation
* Fixed bad try/except/finally block
* Adds test for OIDC_TEMPLATES settings
* Determine value for op_browser_state from session_key or default
* Do not use cookie for browser_state. It may not yet be there
* Add docs on new setting
OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY
* Fix compatibility for older versions of Django
* solved merging typo for missing @property
This implements a very small part of the OIDC session management as
described in
http://openid.net/specs/openid-connect-session-1_0-17.html#rfc.section.5.
It does not implement the full session management (using iframes) and
does not implement the registration and verification of logout redirect
uri's.