How to create own Open ID connect authorization server

Question

I created an application for achieving all OAUTH2 grant types such as (Password grant. Client Credentials and Authorization type grant flow). But, now i want to switch authorization type grant flow into open id connect.

Googled the scenario, but all of them are using third party library to generate open id connect token like (keycloak, google, okta, athelete).

How to create a own authorization server in open id connect? It will be helpful if any inputs or link on this case. Thanks in advance.

Answer 1

Why not operate in a more real world manner and out source the security from your app?

Put your efforts into writing a portable standards compliant app that interfaces with a cloud authorization server.

I point my developers to the following type of setup: https://authguidance.com/2019/09/15/developer-domain-setup/

Answer 2

OpenID (OIDC) is just a layer on top of OAuth 2.0 for Identity at its simplest form. If you do not want to use a library, then you must read the specifications and write the code yourself.

OpenID Specifications

Study these two Python libraries to see how they did it:

• https://github.com/rohe/pyoidc
• https://github.com/openid/JWTConnect-Python-OidcRP