Add support for ID Token encryption

[cbouvier15]

Hey there, we have used this amazing library for a while now.

Recently, we have received a request to add support for ID Token encryption.
It seems like NIST SP 800-63c defines Federation Assurance Levels (FAL) and to achieve the second level (the one we want) it is needed signed and encrypted assertions (ID Token in OpenID Connect 1.0 words)

What do you think about add this feature?
What do you think about the following checklist?

1. Store or get the Client’s public key (new field in Client model?)
2. Use a flag to enable/disable encryption per Client (new flag in Client model?)
3. Use the public key to encrypt the ID Token (if settings are OK, sign then encrypt ID Token)

Look forward to your response.
I think we can tackle that and make a PR.

Regards!

[juanifioren]

Hi @kitab15 the checklist seems OK to me.
Your feature request leaves me a question, now we are only encrypting id_token with OP keys. With this, before making de JWE we need to sign the token with Client (RP) keys.

• We should use JWE here, instead of JWS 🤔
  https://github.com/juanifioren/django-oidc-provider/blob/master/oidc_provider/lib/utils/token.py#L72,L88
• Support multiple client algorithm types? only RSA?

[juanifioren]

About signing & encrypting: https://github.com/IdentityPython/pyjwkest/blob/master/doc/examples.rst#signed-and-encrypted-nested-jwt

[cbouvier15]

Hi @juanifioren!

With "now we are only encrypting id_token with OP keys" you meant signing, right?

I think that we need to sign the id_token with OP key (JWS) and then encrypt it with the RP public key (JWE). That way, both content integrity (JWS) and confidentiality (JWE) are guaranteed.

So, to answer your points:

• We should use both JWS and JWE (optionally).
• Totally agree on implementing the solution to support multiple algorithms (RSA, Elliptic Curve, SHA-256)

If you agree, we can consider start working on this soon.

[juanifioren]

For sure! submit PR asap. So I can help too.