OpenID Connect Dynamic Client Registration #707

azmeuk · 2025-02-19T10:27:12Z

This implements OpenID Connect Dynamic Client Registration and fixes #705.

Basically, a new claims class is created at authlib/oidc/registration/claims.py with all the missing claims.
On the same time I have tuned RegistrationEndpoint so it can handle several claims at the same time (this is also in prevision of #500 and the additional post_logout_redirect_uris registration claim).

Here is how one can use OIDC Dynamic Client Registration:

    from authlib.oauth2.rfc7591 import ClientMetadataClaims as OAuth2ClientMetadataClaims
    from authlib.oauth2.rfc7591 import ClientRegistrationEndpoint
    from authlib.oidc.registration import ClientMetadataClaims as OIDCClientMetadataClaims

    class MyClientRegistrationEndpoint(ClientRegistrationEndpoint):
        ...

        def get_server_metadata(self):
            ...

    authorization_server.register_endpoint(
        MyClientRegistrationEndpoint(
            claims_classes=[OAuth2ClientMetadataClaims, OIDCClientMetadataClaims]
        )
    )

lepture · 2025-02-20T08:24:17Z

LGTM

azmeuk added 2 commits February 17, 2025 11:16

refactor: allow RegistrationEndpoint to take several claims classes

a542065

feat: implement OIDC dynamic client registration

5602965

azmeuk added the feature request label Feb 19, 2025

azmeuk requested a review from lepture February 19, 2025 10:27

lepture merged commit 7ab1927 into lepture:main Feb 20, 2025
9 of 10 checks passed

azmeuk deleted the 705-oidc-registration branch February 20, 2025 08:30

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OpenID Connect Dynamic Client Registration #707

OpenID Connect Dynamic Client Registration #707

azmeuk commented Feb 19, 2025

lepture commented Feb 20, 2025

OpenID Connect Dynamic Client Registration #707

OpenID Connect Dynamic Client Registration #707

Conversation

azmeuk commented Feb 19, 2025

lepture commented Feb 20, 2025