Analyse the code changes needed for the following spec changes.
- Solid_oidc_supported is no longer required in the well-known openid-configuration; discovery now happens by looking for "webid" in the "scopes_supported" instead.
- Tokens will now only include the "webid" claim if requested with a "webid" scope
- Instead of the access token webid will be included in the ID token
- This ID token needs to be exchanged for an access token at the solid server's authorization server. This server can be discovered by looking for the WWW-Authenticate HTTP header in response to an unauthenticated request, which will include an as_uri parameter
To keep backward compatibility, we should check if it is possible to use the www-authenticate header to detect if a server uses the old or new spec, and then act accordingly.
┆Issue is synchronized with this Wrike task by Unito
Analyse the code changes needed for the following spec changes.
To keep backward compatibility, we should check if it is possible to use the www-authenticate header to detect if a server uses the old or new spec, and then act accordingly.
┆Issue is synchronized with this Wrike task by Unito