Go to file
Andy Clayton b1e994aa7e Fix token introspection "aud" and "client_id" response
Based on the OAuth 2.0 Token Introspection spec the "aud" field should
be based on the token. Previously "aud" was populated with the id of the
client making the introspection request which seems wrong. This changes
the endpoint to return the value from the token.

The "client_id" field is then changed to return the client id for the
client that originally requested the token rather than returning the
"aud" value from the token.

From the spec https://tools.ietf.org/html/rfc7662:

   client_id
      OPTIONAL.  Client identifier for the OAuth 2.0 client that
      requested this token.

   aud
      OPTIONAL.  Service-specific string identifier or list of string
      identifiers representing the intended audience for this token, as
      defined in JWT [RFC7519].
2018-07-04 09:53:30 -05:00
docs Update changelog.rst 2018-07-04 11:38:30 -03:00
example Update example project. 2018-03-23 17:06:44 -03:00
oidc_provider Fix token introspection "aud" and "client_id" response 2018-07-04 09:53:30 -05:00
.gitignore Simplify test suit. 2018-03-22 11:45:56 -03:00
.travis.yml Remove Django 1.7 for travis. 2018-04-20 12:34:14 -03:00
LICENSE Bump version v0.4.3. 2016-11-02 12:28:39 -03:00
MANIFEST.in Fix translations handling 2016-11-24 13:09:19 +01:00
README.md Update README.md 2018-04-23 16:00:33 -03:00
setup.py Update setup.py 2018-04-27 14:47:07 -03:00
tox.ini Test docs with tox. 2018-04-20 18:23:41 -03:00

Django OpenID Connect Provider

Python Versions PyPI Versions Documentation Status Travis

About OpenID

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. Like Google for example.

About the package

django-oidc-provider can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect (and OAuth2) capabilities to your Django projects.

Support for Python 3 and 2. Also latest versions of django.

Read documentation for more info.

Do you want to contribute? Please read this.