Replies: 1 comment 2 replies
-
|
I don't see what OpenAPI spec has to do with the openid-client Node.js module. |
Beta Was this translation helpful? Give feedback.
-
|
This client implements the specification of OpenID in node.js. As such it knows about most/all endpoints of an OpenID provider, and how these should be interacted with. This looked like the place where knowledge of such a spec's existence would be. Even if it isn't OpenAPI/Swagger, is there an overview of all endpoints and its allowed methods/components that an OpenID provider usually provides? |
Beta Was this translation helpful? Give feedback.
-
|
I am unsure whether I can suggest anything beyond referring you to the specifications or the code. |
Beta Was this translation helpful? Give feedback.
-
We are looking for a way to interact with the OpenID provider based on all the endpoints it has available, the possible methods for each, and the content each request may have (such as query or body content).
The goal is security testing of an implementation of the provider.
The documentation of OpenID is already thorough, but there seems to be no machine readable reference of the spec. Is there something like this available?
It would be best if that were in an OpenAPI spec already 😄
Thanks!
/cc @jcnauta
Beta Was this translation helpful? Give feedback.
All reactions