would it be possible to have a "simplified" documentation? #292
Comments
|
OIDC specifications are too much wide, for have a good security of the solution you end dealing with impl profiles with good interoperability did you have read the official OIDC national specification for SPID and CIE? Currently I have a really problematic agenda that doesn't allow me to (live) do anything else, however if you plan to create something to help people in a deeper understanding of these specifications consider me available in giving help, even in best effort. In particular, I suggest you to participate in the Developers Italia community joining in the Slack channel #spid-openid, is something that you should do before anything else, to reach and speak with people |
peppelinux
added
documentation
|
@peppelinux thank you for the answer, honestly, I will follow your advice to some extent (I will study enough OIDC/Auth 2.0 anyways even if at work I may not be allowed to continue to research further, don't know), i did read a bit of the OIDC national specification but I did not yet do a very deep dive into it since I hoped it would be possible to reach an implementation without having to put so much time into it (I imagined it to be more like the google or auth0, but I soon found out it is far more complex mainly due to it being federated and not even that popular overall as it is more of a specific business thing). my issue for now is that, as I keep trying to go towards a solution I still keep getting stuck specifically because I lack the knowledge to understand the problem in the first place. I'll see what the people at #spid-openid can tell me, thank you. P.S. the Italian version here is the same or better right? I do keep speaking English mostly because this is what I usually do in this context (also more people can figure out what I am saying this way and maybe get better answers), but I am Italian anyways. |
So, in the end i found out that the reason this repo just works is pretty much mostly because @peppelinux has a certain experience with OpenID connect and all, but the issue is that I and many people probably don't the same (impressive) level of experience.
While i am trying to get somewhere close to that realistically it's going to take me a very long time, i have absolutely no clue what a OIDC federation and many other pieces do and all the OIDC specs are very long, it's fine if you just link to simplified explanations or whatever as long as it is good enough to get something working, OIDC specs are many and take 3 hours each to be read in full and I am not immortal, but props for who wrote them, and also for who actually read them all.
What i am asking is if it would be possible to get a tutorial style walkthrough guide in some form to help any developer who maybe has just a very surface knowledge of OpenID Connect to integrate that SPID button (which doesn't have to be blue, it just has to work, making it blue afterwards is much simpler) in any app no matter the programming language, while using a supposedly a standard-compliant OIDC client library the language may have (for example, C# has identity model).
I know that there is for my use case exists a repo for C# called spid-cie-oidc-aspnetcore but it's setup guide is somewhat broken, or I may be broken as well, and honestly seems like i won't really get an answer from the maintainer there.
if you could make a full guide to help people get something that "just works" to then test it with this server implementation first then later expand it to the real production servers, that would be extremely helpful, this R&D project is giving me a very hard time right now.
The text was updated successfully, but these errors were encountered: