Change Details

While working on T2267, I noticed a couple of improvements could be added to the OIDC auth backend implementation: - there is no need to query the `userinfo` endpoint of the OIDC server when authenticating as those information can also be found in the decoded access token - use a more reliable access token expiration date (use `exp` timestamp in decoded token)

While working on T2267, I noticed a couple of improvements could be added to the OIDC auth backend implementation: - there is no need to query the `userinfo` endpoint of the OIDC server when authenticating as those information can also be found in the decoded access token - use a more reliable access token expiration date (use `exp` timestamp in decoded token) - check groups claim is present in decoded token before trying to read it

While working on T2267, I noticed a couple of improvements could be added to the OIDC auth backend implementation: - there is no need to query the `userinfo` endpoint of the OIDC server when authenticating as those information can also be found in the decoded access token - use a more reliable access token expiration date (use `exp` timestamp in decoded token) - check groups claim is present in decoded token before trying to read it