Have a look at: https://github.com/juanifioren/django-oidc-provider I know several Gov projects using it that are quite happy.
If the redirect URI is registered and compared by the Authorization server as required by the OAuth2 and OpenID Connect specifications this is not a issue. The OAuth 2 implicit flow encodes the access token in the URI…
Have a look at: https://github.com/juanifioren/django-oidc-provider I know several Gov projects using it that are quite happy.
If the redirect URI is registered and compared by the Authorization server as required by the OAuth2 and OpenID Connect specifications this is not a issue. The OAuth 2 implicit flow encodes the access token in the URI…