Describes the scope of the group
- Volenteers from varios; work presented at EWTI 2015 describing Transforming Identifiers between OIDC and SAML and Mapping SAML attributes to OIDC Claims
- AARC project: https://aarc-project.eu/wp-content/uploads/2016/06/MJRA1.3-Design-for-the-integration-of-an-Attribute-Management-Tool.pdf
- TIIME 2017 session consensus over proposed solutions and agreement to combine forces and work in REFEDs OIDCe working group.
SAML to OIDC mapping
- Simple mapping based on mapping well understuud attributes (name, mail, sub)
- Advanced mapping, mapping commonly used attributes from eduPERSON, SCAHC and eduMEMBER. Register these in the IANA JSON Web Token Claims registry.
- Investigate the mapping of the R&S bundle in OIDC (just the attributes, not the trust framework)
The OpenID Connect Federation work is carried out with help of the GN4-2 project:
See also https://wiki.geant.org/display/gn42jra3/T3.1A+OpenID+Connect+Federation
A first version of the OIDCfed test suite is up and running
Roland has working federation aware RP and OP implementations for internal use.
Ioannis and Andres is working on a federation aware OP (based on pyoidc) for people how want to run their own.
Andreas is adding federation awareness to a OIDC NodeJS library
Janusz is adding federation awareness to a OIDC PHP library
Janne&Henri is working adding OIDC functionality to Shib together with the Shib dev team.
An update to the OIDC federation draft to be released in a couple of weeks.
- Herve, Jule and Maarten are interviewing federations ons there plans, requirements and use-cases.
SAML to OIDC mapping
- Simple mapping document to be delivered for public consutation at REFEDs no later then May 29, 2017
- Advanced mapping document to be delivered for public consutation at REFEDs no later then May 29, 2017. Registation in the IANA JSON Web Token Claims registry thereafter, but no later then Dec 31, 2017.
- Report on mapping of the R&S bundle in OIDC to be delivered by Sept 1 2017
First round of work to be done early June.