Thanks for the answers!
I will try to clarify my question.
We are implementing openid connect with Gluu, and we have custom web application that is integrated with Gluu and it handles the backend service calls for the authentication.
When the user has passed the first phase of authentication they may choose to cancel in the second phase. In this situation I would like to make a redirect from Gluu to the relying party with an error payload.
We just realized that the ConsentGathering step in Gluu does exactly what I'm trying to achieve. When user cancels/denies the consent, Gluu performs a redirect to the relying party with error, error_description and state. This happens at least with the ConsentGatheringSample.py.
https://github.com/GluuFederation/oxAuth/blob/master/Server/integrations/authz/ConsentGatheringSample.py
Can this action be performed from the first phases of the authentication?
From this script for example:
https://github.com/GluuFederation/oxAuth/blob/master/Server/integrations/basic/BasicExternalAuthenticator.py
Consent gathering step already requires the user to be authenticated, so it would be difficult to use.
The links you posted are related to authenticating from a mobile client, but I did not understand how they apply in our use case, since we are implementing the openid provider.
Best regards,
Jarkko