Examples dont seem to work

[johnbyrne7]

Hi. Thanks a bunch for this library; its just what I needed. I'm mostly interested in the flask_rp use case.

I downloaded your examples and tried to run them without success.

• I used the requirements.txt in a .venv from flask_op to download dependencies. BTW, your package isnt in the dependencies list, and I think it should be.
• I'm using the same .venv for both flask_op and flask_rp servers, since flask_rp didnt have a requirements.txt
• I get the expected dialog at localhost:8090 (flask_rp), and select flask_provider as the OP.
• I immediately get an error in flask_rp server (below). why are we looking for 'implicit' type when its not listed as a response type?
• I did not see this issue in your other repository (https://github.com/IdentityPython/JWTConnect-Python-OidcRP/)
  Any suggestions?

2023-06-02 16:45:22,162 werkzeug INFO 127.0.0.1 - - [02/Jun/2023 16:45:22] "GET / HTTP/1.1" 200 -
2023-06-02 16:45:35,470 idpyoidc.client.rp_handler DEBUG ******************** client_setup ********************
2023-06-02 16:45:35,472 idpyoidc.client.rp_handler INFO client_setup: iss_id=flask_provider, user=
2023-06-02 16:45:35,474 idpyoidc.client.rp_handler DEBUG Creating new client: flask_provider
2023-06-02 16:45:35,475 idpyoidc.client.rp_handler DEBUG ******************** init_client ********************
2023-06-02 16:45:35,610 idpyoidc.client.rp_handler DEBUG Get provider info
2023-06-02 16:45:35,611 idpyoidc.client.rp_handler DEBUG ******************** do_provider_info ********************
2023-06-02 16:45:35,613 idpyoidc.client.oauth2 DEBUG do_request info: {'url': 'https://127.0.0.1:5000/.well-known/openid-configuration', 'method': 'GET'}
2023-06-02 16:45:35,613 idpyoidc.client.oauth2 DEBUG Doing request with: URL:https://127.0.0.1:5000/.well-known/openid-configuration, method:GET, data:None, https_args:{}
2023-06-02 16:45:35,616 urllib3.connectionpool DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2023-06-02 16:45:35,690 urllib3.connectionpool DEBUG https://127.0.0.1:5000 "GET /.well-known/openid-configuration HTTP/1.1" 200 1834
2023-06-02 16:45:35,693 idpyoidc.client.oauth2 DEBUG response_body_type: "json"
2023-06-02 16:45:35,693 idpyoidc.client.util DEBUG resp.headers: {'Server': 'Werkzeug/2.3.4 Python/3.10.1', 'Date': 'Fri, 02 Jun 2023 20:45:35 GMT', 'Content-type': 'application/json; charset=utf-8', 'Content-Length': '1834', 'Pragma': 'no-cache', 'Cache-Control': 'no-store', 'Connection': 'close'}
2023-06-02 16:45:35,693 idpyoidc.client.util DEBUG resp.txt: {"version": "3.0", "token_endpoint_auth_methods_supported": ["client_secret_basic"], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "grant_types_supported": ["authorization_code", "refresh_token", "urn:openid:params:grant-type:ciba", "urn:ietf:params:oauth:grant-type:token-exchange"], "jwks_uri": "https://127.0.0.1:5000/static/jwks.json", "scopes_supported": ["openid"], "response_types_supported": ["code", "token", "code token", "id_token", "id_token token", "code id_token", "code id_token token"], "response_modes_supported": ["query", "fragment", "form_post"], "subject_types_supported": ["public", "pairwise", "ephemeral"], "id_token_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "HS256", "HS384", "HS512", "none"], "userinfo_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "HS256", "HS384", "HS512", "none"], "request_object_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "HS256", "HS384", "HS512", "none"], "frontchannel_logout_supported": true, "frontchannel_logout_session_required": true, "backchannel_logout_supported": true, "backchannel_logout_session_required": true, "code_challenge_methods_supported": ["S256"], "issuer": "https://127.0.0.1:5000", "registration_endpoint": "https://127.0.0.1:5000/registration", "introspection_endpoint": "https://127.0.0.1:5000/introspection", "authorization_endpoint": "https://127.0.0.1:5000/authorization", "token_endpoint": "https://127.0.0.1:5000/token", "userinfo_endpoint": "https://127.0.0.1:5000/userinfo", "end_session_endpoint": "https://127.0.0.1:5000/session"}
2023-06-02 16:45:35,694 idpyoidc.client.oauth2 DEBUG Successful response: {"version": "3.0", "token_endpoint_auth_methods_supported": ["client_secret_basic"], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "grant_types_supported": ["authorization_code", "refresh_token", "urn:openid:params:grant-type:ciba", "urn:ietf:params:oauth:grant-type:token-exchange"], "jwks_uri": "https://127.0.0.1:5000/static/jwks.json", "scopes_supported": ["openid"], "response_types_supported": ["code", "token", "code token", "id_token", "id_token token", "code id_token", "code id_token token"], "response_modes_supported": ["query", "fragment", "form_post"], "subject_types_supported": ["public", "pairwise", "ephemeral"], "id_token_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "HS256", "HS384", "HS512", "none"], "userinfo_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "HS256", "HS384", "HS512", "none"], "request_object_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "HS256", "HS384", "HS512", "none"], "frontchannel_logout_supported": true, "frontchannel_logout_session_required": true, "backchannel_logout_supported": true, "backchannel_logout_session_required": true, "code_challenge_methods_supported": ["S256"], "issuer": "https://127.0.0.1:5000", "registration_endpoint": "https://127.0.0.1:5000/registration", "introspection_endpoint": "https://127.0.0.1:5000/introspection", "authorization_endpoint": "https://127.0.0.1:5000/authorization", "token_endpoint": "https://127.0.0.1:5000/token", "userinfo_endpoint": "https://127.0.0.1:5000/userinfo", "end_session_endpoint": "https://127.0.0.1:5000/session"}
2023-06-02 16:45:35,695 idpyoidc.client.service DEBUG response format: json
2023-06-02 16:45:35,695 idpyoidc.client.service DEBUG response_cls: ProviderConfigurationResponse
2023-06-02 16:45:35,695 idpyoidc.client.service DEBUG Initial response parsing => "{'version': '3.0', 'token_endpoint_auth_methods_supported': ['client_secret_basic'], 'claims_parameter_supported': True, 'request_parameter_supported': True, 'request_uri_parameter_supported': True, 'require_request_uri_registration': False, 'grant_types_supported': ['authorization_code', 'refresh_token', 'urn:openid:params:grant-type:ciba', 'urn:ietf:params:oauth:grant-type:token-exchange'], 'jwks_uri': 'https://127.0.0.1:5000/static/jwks.json', 'scopes_supported': ['openid'], 'response_types_supported': ['code', 'token', 'code token', 'id_token', 'id_token token', 'code id_token', 'code id_token token'], 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['public', 'pairwise', 'ephemeral'], 'id_token_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'PS256', 'PS384', 'PS512', 'HS256', 'HS384', 'HS512', 'none'], 'userinfo_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'PS256', 'PS384', 'PS512', 'HS256', 'HS384', 'HS512', 'none'], 'request_object_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'PS256', 'PS384', 'PS512', 'HS256', 'HS384', 'HS512', 'none'], 'frontchannel_logout_supported': True, 'frontchannel_logout_session_required': True, 'backchannel_logout_supported': True, 'backchannel_logout_session_required': True, 'code_challenge_methods_supported': ['S256'], 'issuer': 'https://127.0.0.1:5000', 'registration_endpoint': 'https://127.0.0.1:5000/registration', 'introspection_endpoint': 'https://127.0.0.1:5000/introspection', 'authorization_endpoint': 'https://127.0.0.1:5000/authorization', 'token_endpoint': 'https://127.0.0.1:5000/token', 'userinfo_endpoint': 'https://127.0.0.1:5000/userinfo', 'end_session_endpoint': 'https://127.0.0.1:5000/session'}"
2023-06-02 16:45:35,696 idpyoidc.client.service DEBUG Verify response with {'iss': 'https://127.0.0.1:5000/', 'keyjar': <KeyJar(issuers=[''])>, 'verify': True, 'client_id': None}
2023-06-02 16:45:35,697 cryptojwt.key_jar DEBUG Initiating key bundle for issuer: https://127.0.0.1:5000
2023-06-02 16:45:35,697 cryptojwt.key_issuer DEBUG httpc_params: {'timeout': 10, 'verify': False}
2023-06-02 16:45:35,698 cryptojwt.key_bundle INFO Reading remote JWKS from https://127.0.0.1:5000/static/jwks.json
2023-06-02 16:45:35,698 cryptojwt.key_bundle DEBUG KeyBundle fetch keys from: https://127.0.0.1:5000/static/jwks.json
2023-06-02 16:45:35,700 urllib3.connectionpool DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2023-06-02 16:45:35,761 urllib3.connectionpool DEBUG https://127.0.0.1:5000 "GET /static/jwks.json HTTP/1.1" 200 691
2023-06-02 16:45:35,764 cryptojwt.key_bundle DEBUG Loaded JWKS: {"keys": [{"kty": "RSA", "use": "sig", "kid": "bXNmZXROQ3N2dDI2SWY5VlNWTG5yOXZqYlpLenVsalhwUWR5RW9BMHNCaw", "n": "uGVI-b6qr-OTc2knp7bpmDtiCQoWFXZ8mUV-SX0rCMtcc_IRmc_J7AfNEfnYk3dv0cKQK_Dgv3vicoeuf4KQ9ZZY-xI3bnRl9_HnhRpz_cJScDirkNKlsv8aQuYBO_gIiHp8B32YC0nx3BUQV5I6QGEiyG-lZT9PmXsUO1uKPPhny_vtQ6cUpvtuLySBu2ZYpaTDQqCv5Y6EKC49NYWhBB4B6f6TNKCoQTaxA8ZoM3lh7kFbu5DPEXKFAtuNiOtUNP7Ei9KfBtyBYSaZQBY8VkwAm1yKCA2sfv1mBwx0dT53MPJlNkoltf89mv1NM2OJPQAgGE6ygwGS2fyBLAn_bQ", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "U0pLNmFBRE4waDYyZG9ZdjNPb2pTZXAwZzdrbmpZdG0ya3lpaFJwZU9ncw", "crv": "P-256", "x": "DYUyBfiD53SEtUuKLjFCFpIkqyhbmBppAMjOat9qiY0", "y": "-SUSvVeOv7EA84qHLLEkDP24iZree-fomICuA4baeeA"}]} from https://127.0.0.1:5000/static/jwks.json
2023-06-02 16:45:35,764 cryptojwt.key_bundle DEBUG Loaded JWKS: {"keys": [{"kty": "RSA", "use": "sig", "kid": "bXNmZXROQ3N2dDI2SWY5VlNWTG5yOXZqYlpLenVsalhwUWR5RW9BMHNCaw", "n": "uGVI-b6qr-OTc2knp7bpmDtiCQoWFXZ8mUV-SX0rCMtcc_IRmc_J7AfNEfnYk3dv0cKQK_Dgv3vicoeuf4KQ9ZZY-xI3bnRl9_HnhRpz_cJScDirkNKlsv8aQuYBO_gIiHp8B32YC0nx3BUQV5I6QGEiyG-lZT9PmXsUO1uKPPhny_vtQ6cUpvtuLySBu2ZYpaTDQqCv5Y6EKC49NYWhBB4B6f6TNKCoQTaxA8ZoM3lh7kFbu5DPEXKFAtuNiOtUNP7Ei9KfBtyBYSaZQBY8VkwAm1yKCA2sfv1mBwx0dT53MPJlNkoltf89mv1NM2OJPQAgGE6ygwGS2fyBLAn_bQ", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "U0pLNmFBRE4waDYyZG9ZdjNPb2pTZXAwZzdrbmpZdG0ya3lpaFJwZU9ncw", "crv": "P-256", "x": "DYUyBfiD53SEtUuKLjFCFpIkqyhbmBppAMjOat9qiY0", "y": "-SUSvVeOv7EA84qHLLEkDP24iZree-fomICuA4baeeA"}]} from https://127.0.0.1:5000/static/jwks.json
2023-06-02 16:45:35,766 idpyoidc.client.claims.transform INFO Asked for "request_uri" which it did not plan to use
2023-06-02 16:45:35,768 idpyoidc.client.claims.transform INFO Asked for "request_uri" which it did not plan to use
2023-06-02 16:45:35,769 idpyoidc.client.rp_handler DEBUG Do client registration
2023-06-02 16:45:35,769 idpyoidc.client.rp_handler DEBUG ******************** do_client_registration ********************
2023-06-02 16:45:35,770 idpyoidc.client.claims.transform DEBUG Entity registered: {'redirect_uris': ['https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb'], 'response_types': ['code', 'token', 'code token', 'id_token', 'id_token token', 'code id_token'], 'grant_types': ['authorization_code'], 'application_type': 'web', 'jwks_uri': 'https://127.0.0.1:8090/static/jwks.json', 'subject_type': 'public', 'id_token_signed_response_alg': 'RS256', 'userinfo_signed_response_alg': 'RS256', 'request_object_signing_alg': 'RS256', 'token_endpoint_auth_method': 'client_secret_basic', 'token_endpoint_auth_signing_alg': 'RS256', 'default_max_age': 86400, 'callback_uris': {'redirect_uris': {'code': ['https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb']}, 'frontchannel_logout_uri': 'https://127.0.0.1:8090/fc_logout/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb', 'backchannel_logout_uri': 'https://127.0.0.1:8090/bc_logout/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb', 'post_logout_redirect_uris': ['https://127.0.0.1:8090/session_logout/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb']}, 'encrypt_request_object_supported': False, 'response_modes_supported': ['query', 'fragment', 'form_post'], 'encrypt_userinfo_supported': False, 'scope': ['openid']}
2023-06-02 16:45:35,771 idpyoidc.client.entity WARNING No such response type combination: ['code', 'token', 'code token', 'id_token', 'id_token token', 'code id_token']
2023-06-02 16:45:35,771 idpyoidc.client.service DEBUG Request: {'application_type': 'web', 'response_types': ['code', 'token', 'code token', 'id_token', 'id_token token', 'code id_token'], 'redirect_uris': ['https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb'], 'grant_types': ['authorization_code', 'implicit'], 'jwks_uri': 'https://127.0.0.1:8090/static/jwks.json', 'subject_type': 'public', 'id_token_signed_response_alg': 'RS256', 'userinfo_signed_response_alg': 'RS256', 'request_object_signing_alg': 'RS256', 'token_endpoint_auth_method': 'client_secret_basic', 'token_endpoint_auth_signing_alg': 'RS256', 'default_max_age': 86400}
2023-06-02 16:45:35,771 idpyoidc.client.oauth2 DEBUG do_request info: {'method': 'POST', 'request': <idpyoidc.message.oidc.RegistrationRequest object at 0x000001F43EF13F40>, 'url': 'https://127.0.0.1:5000/registration', 'body': '{"application_type": "web", "response_types": ["code", "token", "code token", "id_token", "id_token token", "code id_token"], "redirect_uris": ["https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb"], "grant_types": ["authorization_code", "implicit"], "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "subject_type": "public", "id_token_signed_response_alg": "RS256", "userinfo_signed_response_alg": "RS256", "request_object_signing_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "token_endpoint_auth_signing_alg": "RS256", "default_max_age": 86400}', 'headers': {'Content-Type': 'application/json'}}
2023-06-02 16:45:35,772 idpyoidc.client.oauth2 DEBUG Doing request with: URL:https://127.0.0.1:5000/registration, method:POST, data:{"application_type": "web", "response_types": ["code", "token", "code token", "id_token", "id_token token", "code id_token"], "redirect_uris": ["https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb"], "grant_types": ["authorization_code", "implicit"], "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "subject_type": "public", "id_token_signed_response_alg": "RS256", "userinfo_signed_response_alg": "RS256", "request_object_signing_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "token_endpoint_auth_signing_alg": "RS256", "default_max_age": 86400}, https_args:{'Content-Type': 'application/json'}
2023-06-02 16:45:35,774 urllib3.connectionpool DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2023-06-02 16:45:35,888 werkzeug INFO 127.0.0.1 - - [02/Jun/2023 16:45:35] "GET /static/jwks.json HTTP/1.1" 200 -
2023-06-02 16:45:35,905 urllib3.connectionpool DEBUG https://127.0.0.1:5000 "POST /registration HTTP/1.1" 201 831
2023-06-02 16:45:35,908 idpyoidc.client.oauth2 DEBUG response_body_type: "json"
2023-06-02 16:45:35,909 idpyoidc.client.util DEBUG resp.headers: {'Server': 'Werkzeug/2.3.4 Python/3.10.1', 'Date': 'Fri, 02 Jun 2023 20:45:35 GMT', 'Content-type': 'application/json; charset=utf-8', 'Content-Length': '831', 'Pragma': 'no-cache', 'Cache-Control': 'no-store', 'Set-Cookie': 'oidc_op_rp=1685738735|YNzKe1JyVmwXoAWC|sxufV+tCJzyMeVX0922TI2aSoMH8YlFBXyZnidC0IoeCzFAkMCMKBcBOpf/+UcJ5LhWZgmUhD8WA/1iL054je3UoGULeREpP3TSxENbUjhGahID4abO+5CREnj2AV8DVIucwh6caCI0=|2hROPDS7I5ceZXum/e2nCw==; Secure; HttpOnly; Path=/; SameSite=Lax', 'Connection': 'close'}
2023-06-02 16:45:35,910 idpyoidc.client.util DEBUG resp.txt: {"client_id": "BnpbzrpYnVcSmolzL6GIHA", "registration_access_token": "OMYzMDvWl5K_CfEfjNMxSJqvIzsoJYQWFX0m2P3dHTA", "registration_client_uri": "https://127.0.0.1:5000/registration_api?client_id=BnpbzrpYnVcSmolzL6GIHA", "client_id_issued_at": 1685738735, "client_secret": "2c4a3327c1f98dd1532be04f0300e9114814673b75552abc32416c65", "client_secret_expires_at": 1688330735, "application_type": "web", "response_types": ["id_token token", "id_token", "code id_token", "code", "code token", "token"], "grant_types": ["authorization_code"], "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "token_endpoint_auth_method": "client_secret_basic", "token_endpoint_auth_signing_alg": "RS256", "default_max_age": 86400, "redirect_uris": ["https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb"]}
2023-06-02 16:45:35,910 idpyoidc.client.oauth2 DEBUG Successful response: {"client_id": "BnpbzrpYnVcSmolzL6GIHA", "registration_access_token": "OMYzMDvWl5K_CfEfjNMxSJqvIzsoJYQWFX0m2P3dHTA", "registration_client_uri": "https://127.0.0.1:5000/registration_api?client_id=BnpbzrpYnVcSmolzL6GIHA", "client_id_issued_at": 1685738735, "client_secret": "2c4a3327c1f98dd1532be04f0300e9114814673b75552abc32416c65", "client_secret_expires_at": 1688330735, "application_type": "web", "response_types": ["id_token token", "id_token", "code id_token", "code", "code token", "token"], "grant_types": ["authorization_code"], "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "token_endpoint_auth_method": "client_secret_basic", "token_endpoint_auth_signing_alg": "RS256", "default_max_age": 86400, "redirect_uris": ["https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb"]}
2023-06-02 16:45:35,910 idpyoidc.client.service DEBUG response format: json
2023-06-02 16:45:35,911 idpyoidc.client.service DEBUG response_cls: RegistrationResponse
2023-06-02 16:45:35,911 idpyoidc.client.service DEBUG Initial response parsing => "{'client_id': 'BnpbzrpYnVcSmolzL6GIHA', 'registration_access_token': 'OMYzMDvWl5K_CfEfjNMxSJqvIzsoJYQWFX0m2P3dHTA', 'registration_client_uri': 'https://127.0.0.1:5000/registration_api?client_id=BnpbzrpYnVcSmolzL6GIHA', 'client_id_issued_at': 1685738735, 'client_secret': '2c4a3327c1f98dd1532be04f0300e9114814673b75552abc32416c65', 'client_secret_expires_at': 1688330735, 'application_type': 'web', 'response_types': ['id_token token', 'id_token', 'code id_token', 'code', 'code token', 'token'], 'grant_types': ['authorization_code'], 'jwks_uri': 'https://127.0.0.1:8090/static/jwks.json', 'token_endpoint_auth_method': 'client_secret_basic', 'token_endpoint_auth_signing_alg': 'RS256', 'default_max_age': 86400, 'redirect_uris': ['https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb']}"
2023-06-02 16:45:35,912 idpyoidc.client.service DEBUG Verify response with {'iss': 'https://127.0.0.1:5000', 'keyjar': <KeyJar(issuers=['', 'https://127.0.0.1:5000'])>, 'verify': True, 'client_id': None}
2023-06-02 16:45:35,913 idpyoidc.client.claims.transform DEBUG Entity registered: {'client_id': 'BnpbzrpYnVcSmolzL6GIHA', 'registration_access_token': 'OMYzMDvWl5K_CfEfjNMxSJqvIzsoJYQWFX0m2P3dHTA', 'registration_client_uri': 'https://127.0.0.1:5000/registration_api?client_id=BnpbzrpYnVcSmolzL6GIHA', 'client_id_issued_at': 1685738735, 'client_secret': '2c4a3327c1f98dd1532be04f0300e9114814673b75552abc32416c65', 'client_secret_expires_at': 1688330735, 'application_type': 'web', 'response_types': ['id_token token', 'id_token', 'code id_token', 'code', 'code token', 'token'], 'grant_types': ['authorization_code'], 'jwks_uri': 'https://127.0.0.1:8090/static/jwks.json', 'token_endpoint_auth_method': 'client_secret_basic', 'token_endpoint_auth_signing_alg': 'RS256', 'default_max_age': 86400, 'redirect_uris': ['https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb'], 'subject_type': 'public', 'id_token_signed_response_alg': 'RS256', 'userinfo_signed_response_alg': 'RS256', 'request_object_signing_alg': 'RS256', 'callback_uris': {'redirect_uris': {'code': ['https://127.0.0.1:8090/authz_cb/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb']}, 'frontchannel_logout_uri': 'https://127.0.0.1:8090/fc_logout/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb', 'backchannel_logout_uri': 'https://127.0.0.1:8090/bc_logout/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb', 'post_logout_redirect_uris': ['https://127.0.0.1:8090/session_logout/57d6050e8b8bbb8b7f15141133076c8648671ff203f6a5fe222362b041963bdb']}, 'encrypt_request_object_supported': False, 'response_modes_supported': ['query', 'fragment', 'form_post'], 'encrypt_userinfo_supported': False, 'scope': ['openid']}
2023-06-02 16:45:36,011 idpyoidc.client.rp_handler DEBUG ******************** init_authorization ********************
2023-06-02 16:45:36,012 idpyoidc.client.rp_handler ERROR ['Traceback (most recent call last):\n', ' File "D:\temp\gitcode\idpy-oidc\example\flask_op\.venv\lib\site-packages\idpyoidc\client\rp_handler.py", line 500, in begin\n res = self.init_authorization(client, req_args=req_args, behaviour_args=behaviour_args)\n', ' File "D:\temp\gitcode\idpy-oidc\example\flask_op\.venv\lib\site-packages\idpyoidc\client\rp_handler.py", line 439, in init_authorization\n "redirect_uri": pick_redirect_uri(\n', ' File "D:\temp\gitcode\idpy-oidc\example\flask_op\.venv\lib\site-packages\idpyoidc\client\oauth2\utils.py", line 61, in pick_redirect_uri\n redirect_uri = _callback_uris["implicit"][0]\n', "KeyError: 'implicit'\n"]
2023-06-02 16:45:36,014 werkzeug INFO 127.0.0.1 - - [02/Jun/2023 16:45:36] "�[31m�[1mGET /rp?uid=&dyn_iss=&static_iss=flask_provider HTTP/1.1�[0m" 400 -

[rohe]

Have not updated requirements.txt in years :-/

I would appreciate if you could check out the example_fix branch on GitHub and see if that works for you.
Had to make a couple of changes to make it work for me.

[varstr]

Hi, I've just tried the example_fix branch following Usage Doc.
Login works fine but Logout failed with {"error": "invalid_request", "error_description": "'token'"} on https://127.0.0.1:5000/session