Skip to content

Latest commit

 

History

History
15 lines (10 loc) · 958 Bytes

README.md

File metadata and controls

15 lines (10 loc) · 958 Bytes

Solid OIDC Client Browser

This library implements a very simple version of the Solid OIDC protocol:

  • AuthorizationCodeGrant
  • with PKCE
  • with iss check (TODO double check if necessary to check token iss as well)
  • with dynamic client registration (TODO support provided client_id and client profile documents)
  • RefreshTokenGrant to renew a session
  • Unsure about storage. Currently, client_id, client_secret, refresh_token and token_endpoint are stored in sessionStorage. I see that other implementations store the session state in localStorage - no idea if that is deemed secure nowadays.

Initial version co-authored by @dschraudner and @uvdsl for the MANDAT project, and first released by DATEV Research.