Description
Carry out development based on OpenID Connect (OIDC), specifically for extending the standard to make OIDC “federation and interfederation capable” (i.e. OIDC metadata, discovery, etc.), including engaging with and contributing to the IETF and developing a potential OIDC profile for eduGAIN.
Results
OIDCfed
During the GN4-2 the federation specification was updated and hence implemented
Library 1
Library 2
Registry application for OpenID Connect federations and entities (REGO): https://github.com/daserzw/rego
OIDC Support in Shibboleth
In the GN4-2 a full plugin for OIDC in Shibboleth is build. The code was build in agreement with the Shibboleth developers, and reached beta status
Code & Background - https://github.com/CSCfi/shibboleth-idp-oidc-extension
The beta release - https://github.com/CSCfi/shibboleth-idp-oidc-extension/releases/tag/v0.8.0b
Training material
- 15 october 2018 @ Orlando, FL, USA (Technology Exchange): https://wiki.eduuni.fi/pages/viewpage.action?pageId=75756004
- 11 & 12 october @ Amsterdam, NL https://wiki.eduuni.fi/display/CSCHAKA/181211-12+@+Shibboleth+OIDC+Extension+Tutorial
OpenID Foundation R&E Working Group
Project participants of the OIDCfed task members were one of the founding members of the OpenID Foundation R&E Working Group, founded in Oct 2018, in order to get a broader base for the OIDC work within R&E, with focus on:
- Developinga profile for OpenID Connect with specific requirements for security, multi-lateral trust and interoperability in the R&E sector.
- Developing a profile for the use of a specific set of claims and scopes related to the R&E sector.
- Developing a profile for extending OpenID Connect entity's metadata to support policy frameworks used in the R&E sector.
Charter: https://github.com/daserzw/oidc-edu-wg/releases/tag/v1.0.0
WG Homepage: https://openid.net/wg/rande/
OpenID Connect training
During the GN4-2 project instances of the OJOU (OAuth2, JW*, OpenID Connect and UMA) Course were held in Espoo (fi), Budapest (hu) and Rome (it), which focussed on the fundamental basics of OpenID Connect and it's underlying protocols.
Course material: https://github.com/rohe/ojou_course
Documents
- Meeting Notes Design Meeting Copenhagen, September 15, 2018: Meeting notes Copenhagen September 15th.docx
Reference Materials
- Draft OpenID Connect Federation
- Example implementation of the OIDC Federation
- OTTO - Open Trust Taxonomy for Federation Operators, minutes Kantara WG
- OIDC Mailinglist (GEANT) - The current mailinglist for discussion on the OIDC Federation draft (Federation perspective)
- OIDC specifications (Open ID Foundation) - The current mailinglist for discussion on the OIDC Federation draft (OpenID Connect perspective)
Attachments