aOIDC

Suckless implementation of OpenID Connect Core for python with asyncio support in mind.

🚧 Currently under development 🚧

Also implemented:

• RFC 6749: The OAuth 2.0 Authorization Framework
  • Authorization code flow
• RFC 7033: WebFinger
• RFC 7591: OAuth 2.0 Dynamic Client Registration Protocol - partically
• RFC 7636: Proof Key for Code Exchange by OAuth Public Clients
• RFC 7662: OAuth 2.0 Token Introspection
• RFC 8414: OAuth 2.0 Authorization Server Metadata
  • Metadata model
  • /.well-known/oauth-authorization-server request
• OpenID Connect Core
  • ID Token model
  • Authorization code flow
• OpenID Connect Discovery 1.0
  • WebFinger discovery
  • Model
  • .well-known/openid-configuration request

Implementation status / Roadmap

Core functional that I need from such library is simple client authentication via authorization code flow, so this will be implemented first.

1. OIDC Client for CODE flow
2. OIDC Client for PKCE flow
3. OIDC Client for token verification
4. OIDC Client for client_credentials flow

Motivation

All the existing python OIDC RP libs are the big balls of mud:

• pyoidc - synchronous, a little obscure, but the best of all existing.
• idpy-oidc - older lib from the same dev as pyoidc.
• authlib - synchronous, no typing, giant pain to use, dual licensing, bad kwargs architecture, bad docs. Worst library.
• oauthlib - synchronous, no OIDC client, only provider.
• oidc-client - not really a library.

There are few libraries which supports OAuth 2.0 & OIDC as provider (server), but they are out-of-scope.