I implemented an example of Open ID Connect Relying Party with Play framework (Java). This time only "Core - Authorization Code Flow" and Session Management - RP Initiated Logout" are implemented. I chose "Connect2id : Nimbus OAuth 2.0 SDK with OpenID Connect extensions" as an Open ID Connect library.
Impression of Connect2id
- The class architecture is simple and easy to guess the usage.
- It is not good I/F which needs a cast in the process where analyzing an error of authorization.
- Cast from AuthenticationResponse to AuthenticationErrorResponse will be happened.
- There is no function to receive the callback of RP initiated Logout.
- It is better to provide it to make the unity with other APIs.