Replies: 2 comments
-
@dfurmans If you want to enhance Play's OpenID support, feel free to provide a pull request. The current openid implementation can be found here: https://github.com/playframework/playframework/tree/main/web/play-openid/src |
Beta Was this translation helpful? Give feedback.
-
At my employer, I created a custom OAuth2/OIDC library for our RPs, it aims to be compliant with the following specs:
This library is closed source, and I don't think me or my employer are comfortable publishing it just like that. But we partially created it due to the lack of existing libraries, but also for a few smaller proprietary features. While I don't think I'll have the time to work on an open-source implementation, I certainly am willing to aid this endeavor. You are welcome to tag me for questions, discussions or reviews, should you be interested in having another pair of eyes on it. I am knowledgeable about the OAuth2/OIDC specifications and their extensions, but also have a lot of experience implementing those in Play Framework, from the IdP as well as the RP side. My recent post, and example project for extracting Bearer Tokens, might also be of interest to you. |
Beta Was this translation helpful? Give feedback.
-
Issue source for this improvement
https://www.playframework.com/documentation/3.0.x/ScalaOpenID
Status Quo
Currently Play Framework out-of-the-box supports OpenID 1.0 and OpenID 2.0.
Would be great to provide native support for the new version OpenID Connect (OIDC).
Improvement Motivation
We could provide support for support client_secret and client_id based on new OpenID Connect (OIDC) and having natively support.
btw, see #12764
Beta Was this translation helpful? Give feedback.
All reactions