-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Identity Assurance support has been out in the cold. Time to bring it in again. #83
Conversation
Updating to follow the last version of the spec.
Added a signing algorithm that is supported by cryptojwt. Had two copies of the same functions (get_signing_algs,get_encryption_algs,get_encryption_encs) in different places reduced that to one.
…ntext (if one exists). This is useful when it comes to keyjars. Store the original signed or encrypted jwt as part of the parsed and verified response.
Allow for checking context instance when looking for attributes. Look for client authn methods in endpoint as well as in context.
… by a server. 'allowed_methods' are then ones that can be used by a specific endpoint
Signed-off-by: Kostis Triantafyllakis <[email protected]>
Signed-off-by: Kostis Triantafyllakis <[email protected]>
Signed-off-by: Kostis Triantafyllakis <[email protected]>
Added a signing algorithm that is supported by cryptojwt. Had two copies of the same functions (get_signing_algs,get_encryption_algs,get_encryption_encs) in different places reduced that to one.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved
for the next PR I kidnly suggest to not have additional features or bufix commits mixed with linting commit for sake of readability
I know that would repreent a bane for the developer who made the PR but without this way to do the bane would be for the reviewers :-)
thank you @rohe for this valuable PR that makes a new important release of idpy-oidc
PS = I didn't had time to do accurate functional tests, I look forward to @ctriant for any additional check according to its implementation test platform
Identity Assurance is important in connection with openid4vci/openid4vp.