OIDCConfig¶
- pydantic model gafaelfawr.models.oidc.OIDCConfig¶
Schema for the
/.well-known/openid-configurationendpoint.- Parameters:
data (
Any)
Show JSON schema
{ "title": "OIDCConfig", "description": "Schema for the ``/.well-known/openid-configuration`` endpoint.", "type": "object", "properties": { "issuer": { "examples": [ "https://example.com/" ], "title": "iss value for JWTs", "type": "string" }, "authorization_endpoint": { "examples": [ "https://example.com/auth/openid/login" ], "title": "URL to start login", "type": "string" }, "token_endpoint": { "examples": [ "https://example.com/auth/openid/token" ], "title": "URL to get token", "type": "string" }, "userinfo_endpoint": { "examples": [ "https://example.com/auth/openid/userinfo" ], "title": "URL to get user metadata", "type": "string" }, "jwks_uri": { "description": "Endpoint will return a JWKS", "examples": [ "https://example.com/.well-known/jwks.json" ], "title": "URL to get signing keys", "type": "string" }, "scopes_supported": { "default": [ "openid", "profile", "email", "rubin" ], "description": "List of supported scopes", "examples": [ [ "openid", "profile", "email" ] ], "items": { "type": "string" }, "title": "Supported scopes", "type": "array" }, "response_types_supported": { "default": [ "code" ], "description": "``code`` is the only supported response type", "examples": [ [ "code" ] ], "items": { "type": "string" }, "title": "Supported response types", "type": "array" }, "response_modes_supported": { "default": [ "query" ], "description": "``query`` is the only supported response mode", "examples": [ [ "query" ] ], "items": { "type": "string" }, "title": "Supported response modes", "type": "array" }, "grant_types_supported": { "default": [ "authorization_code" ], "description": "``authorization_code`` is the only supported grant type", "examples": [ [ "authorization_code" ] ], "items": { "type": "string" }, "title": "Supported grant types", "type": "array" }, "subject_types_supported": { "default": [ "public" ], "description": "``public`` is the only supported subject type", "examples": [ [ "public" ] ], "items": { "type": "string" }, "title": "Supported subject types", "type": "array" }, "id_token_signing_alg_values_supported": { "default": [ "RS256" ], "description": "``RS256`` is the only supported signing algorithm", "examples": [ [ "RS256" ] ], "items": { "type": "string" }, "title": "Supported JWT signing algorithms", "type": "array" }, "token_endpoint_auth_methods_supported": { "default": [ "client_secret_basic", "client_secret_post" ], "description": "``client_secret_basic`` and ``client_secret_post`` are supported", "examples": [ [ "client_secret_basic", "client_secret_post" ] ], "items": { "type": "string" }, "title": "Supported client auth methods", "type": "array" } }, "required": [ "issuer", "authorization_endpoint", "token_endpoint", "userinfo_endpoint", "jwks_uri" ] }
- Fields:
- field authorization_endpoint: str [Required]¶
- field grant_types_supported: list[str] = ['authorization_code']¶
authorization_codeis the only supported grant type
- field id_token_signing_alg_values_supported: list[str] = ['RS256']¶
RS256is the only supported signing algorithm
- field issuer: str [Required]¶
- field jwks_uri: str [Required]¶
Endpoint will return a JWKS
- field response_modes_supported: list[str] = ['query']¶
queryis the only supported response mode
- field response_types_supported: list[str] = ['code']¶
codeis the only supported response type
- field scopes_supported: list[str] = ['openid', 'profile', 'email', 'rubin']¶
List of supported scopes
- field subject_types_supported: list[str] = ['public']¶
publicis the only supported subject type
- field token_endpoint: str [Required]¶
- field token_endpoint_auth_methods_supported: list[str] = ['client_secret_basic', 'client_secret_post']¶
client_secret_basicandclient_secret_postare supported
- field userinfo_endpoint: str [Required]¶