# OAuth2 Test Server — Sample Configuration
# Copy this file, edit the values, and load it via
# IssuerConfig::from_file("path/to/config.yaml")
#
# All fields are optional — defaults are shown below.
#
# NOTE(review): several defaults below are permissive (plaintext "http" scheme,
# CORS open to all origins, `none` client authentication, `plain` PKCE, and the
# implicit `token` / `id_token` response types). They suit a local test issuer;
# review each one before reusing these values anywhere that is reachable by
# other hosts or that handles real credentials.
# --- Server ---
# NOTE(review): "http" means no TLS at this layer. Presumably scheme/host/port
# are combined into the issuer and endpoint URLs — confirm against the loader.
scheme: "http"
host: "localhost"
port: 8090 # 0 = random free port
# --- User Identity ---
# NOTE(review): presumably every issued token carries this one fixed subject
# unless a test overrides it — confirm; do not key real authorization on it.
default_user_id: "test-user-123" # sub claim in tokens/userinfo
# --- Security ---
# `state` is the client's CSRF protection on the authorization response;
# keeping this true rejects /authorize requests that omit it.
require_state: true # require state param in /authorize
# DCR = Dynamic Client Registration.
generate_client_secret_for_dcr: true # auto-generate secret on DCR
# NOTE(review): a bare `key:` parses as YAML null, not as an empty list.
# Confirm the loader treats null the same as `[]`. Either way the documented
# result is "allow all origins", so list explicit origins to restrict CORS.
allowed_origins: # CORS (empty = allow all)
# --- Token Lifetimes (seconds) ---
access_token_expires_in: 3600 # 1 hour
refresh_token_expires_in: 2592000 # 30 days
authorization_code_expires_in: 600 # 10 minutes
cleanup_interval_secs: 300 # cleanup expired every 5 min (0 = off)
# --- OIDC Capabilities ---
# The key names below match OpenID Connect discovery metadata fields.
# NOTE(review): this file does not show whether the server also enforces these
# lists or only advertises them — confirm before relying on a removal here to
# disable a feature.
scopes_supported:
- openid
- profile
- email
- offline_access
- address
- phone
claims_supported:
- sub
- name
- given_name
- family_name
- email
- email_verified
- picture
- locale
grant_types_supported:
- authorization_code
- refresh_token
- client_credentials
# `token` and `id_token` are the implicit-flow response types: the token is
# returned in the front channel rather than from the token endpoint. Current
# OAuth security guidance (RFC 9700) recommends against the implicit grant;
# keep them only if the client under test needs them.
response_types_supported:
- code
- token
- id_token
# `none` is the method for public clients, which present no client credential
# at the token endpoint.
token_endpoint_auth_methods_supported:
- client_secret_basic
- client_secret_post
- none
- private_key_jwt
# With `plain` the PKCE challenge is the verifier itself, so a party that
# observes the authorization request learns the verifier. RFC 7636 allows
# `plain` only for clients that cannot do S256; prefer listing S256 alone.
code_challenge_methods_supported:
- plain
- S256
subject_types_supported:
- public
id_token_signing_alg_values_supported:
- RS256