Asymmetric JWT

Description

As an OpenID Connect client, I should be able to discover the details necessary to interact with a provider.

Acceptance Criteria

  1. The OIDC provider should provide its configuration details at /.well-known/openid-configuration.

  2. The configuration response should follow the spec at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig.

  3. Services should read/cache the OIDC configuration at startup, and fail to start if the configuration cannot be read.

  4. Services should periodically retrieve/cache the OIDC configuration.

  5. Services should have a management command allowing a manual refresh of OIDC configuration.

Dependencies

  1. DevOps: configuration, new repo (maybe)

Epic Link

Activity

Show:
Nimisha Asthagiri
July 24, 2018, 3:16 PM

I am closing this ticket in favor of the work that Arch Squad has started: https://openedx.atlassian.net/browse/ARCH-178

ClintonB
June 22, 2017, 7:59 PM

While we are phasing out OpenID Connect, we can still make use of this discovery/well-known endpoint functionality.

ClintonB
December 5, 2016, 11:10 PM

please do!

Renzo Lucioni
December 5, 2016, 10:52 PM

can we groom this?

Abandoned

Priority

Unset

Assignee

Unassigned

Fix versions

None

Sprint

None

Labels

Story Points

2

Reporter

ClintonB