8e298791d7
This change implements OAuth2 Token Exchange in OP according to RFC 8693 (and client code) Some implementation details: - OP parses and verifies subject/actor tokens natively if they were issued by OP - Third-party tokens verification is also possible by implementing additional storage interface - Token exchange can issue only OP's native tokens (id_token, access_token and refresh_token) with static issuer |
||
|---|---|---|
| .. | ||
| dynamic | ||
| exampleop | ||
| storage | ||
| main.go | ||
| service-key1.json | ||