This a fairly complete implementation of OpenID Connect as specified in http://openid.net/specs/openid-connect-core-1_0.html. And as a side effect a complete implementation of OAuth2.0 too.
Cudos to Vladislav Mladenov and Christian Mainka both at Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany for helping me making the implementation more secure.