Hi all, I am an undergraduate from University of Moratuwa, Computer Science and Engineering department. I am interested in the $subject project idea. I have worked with a OpenID Connect certification project previously.
OpenID Connect(OIDC) is an authentication protocol based on OAuth2.0 family of specifications. There are three main specifications[1][2][3] written for OIDC. Since the project goal is to create an OIDC authentication handler, we need to focus on [1] specification. There are three main flows for the authentication process given in the specification[1]. 1. *Authentication code flow* *(Basic)* - This flow will first issue a code in authorization endpoint and that code can be used to issue an access token and id_token from token endpoint. In this flow client secret is shared to recognize the relying party. So this flow can be used for applications that have a secure sever side applications. 2. *Implicit flow* - This flow will not issue a code but it will issue an access token and id_token from the authorization endpoint. In this flow client secret is not shared so this flow is preferred for single web page applications. 3. *Hybrid flow* - This is combination of the previous two flows. Basic and Implicit flows must be supported by an OIDC Authentication Handler. Hybrid flow is not mandatory as per the specification[1]. The blog[4] written by me on OIDC Basics will help to understand the basics without reading the whole specification. Should we try to implement all three flows or the first two flows(Basic and Implicit) ? [1] - http://openid.net/specs/openid-connect-core-1_0.html [2] - https://openid.net/specs/openid-connect-discovery-1_0.html [3] - http://openid.net/specs/openid-connect-registration-1_0.html [4] - https://medium.com/@hasiniwitharana/openid-connect-532465308090 <http://openid.net/specs/openid-connect-registration-1_0.html> Thank you. -- *Hasini Witharana* Undergraduate | Department of Computer Science and Engineering University of Moratuwa Linkedin <https://www.linkedin.com/in/hasini-witharana-185785109/>
