Martin v. Löwis added the comment: Starting to implement an OpenID Connect Consumer using the oic library, I fail in the first step. The OpenID specification says in
http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata that the issuer field of the metadata MUST be an "URL using the https scheme", yet https://accounts.google.com/.well-known/openid-configuration gives "accounts.google.com" as the issuer. oic then complains that claimed issuer ID and the requested issuer ID (https://accounts.google.com) are different. Looks like a protocol violation from Google to me. _______________________________________________________ PSF Meta Tracker <metatrac...@psf.upfronthosting.co.za> <http://psf.upfronthosting.co.za/roundup/meta/issue559> _______________________________________________________ _______________________________________________ Tracker-discuss mailing list Tracker-discuss@python.org https://mail.python.org/mailman/listinfo/tracker-discuss
