This repository contains an example of how to use the pyoidc library to provide simple OpenID Connect authentication (using the "Code Flow".
The extension support both static and dynamic provider configuration discovery as well as static and dynamic client registration. The different modes of provider configuration can be combined in any way with the different client registration modes.
- Static provider configuration:
OIDCAuthentication(provider_configuration_info=provider_config), whereprovider_configis a dictionary containing the provider metadata. - Dynamic provider configuration:
OIDCAuthentication(issuer=issuer_url), whereissuer_urlis the issuer URL of the provider. - Static client registration:
OIDCAuthentication(client_registration_info=client_info), whereclient_infois all the registered metadata about the client. Theredirect_urisregistered with the provider MUST include<flask_url>/redirect_uri, where<flask_url>is the URL for the Flask application.
The application using this extension MUST set the following builtin configuration values of Flask:
SERVER_NAME(MUST be the same as<flask_url>if using static client registrationSECRET_KEY(this extension relies on Flask session, which requiresSECRET_KEY)
Have a look at the example Flask app in app.py for an idea of how to use it.