...
OidcImplicitService is a simple ImplicitGrantService extension which enforces OIDC specific constraints and adds IdToken to the client response. To include the idToken, you should add a IdTokenProvider implementation to In order to return an id_token, the OidcImplicitService should be configured as follows:
- If the response_type is "id_token token", then the IdTokenResponseFilter should be configured on the OidcImplicitService. The IdTokenResponseFilter in turn needs to know how to create an IdToken, so it must be configured with a IdTokenProvider implementation.
- If the response_type is "id_token", then a IdTokenProvider implementation should be configured directly on the OidcImplicitService.
Hybrid Flow
OidcHybridService supports Hybrid Flow by delegating to both OidcImplicitService and OidcAuthorizationCodeService. To include the idToken, you should add a IdTokenProvider implementation to OidcHybridService.
UserInfo Endpoint
UserInfoService returns UserInfo. It checks UserInfoProvider first, next - OidcUserSubject, and finally it defaults to converting the existing IdToken to UserInfo.
...