> Can't understand your searching, can you please add more info on this? What kind of app and what do you mean by 'custom authentication page'?
I want to authenticate end user by using a smart-card. I have an authentication page which has an applet is running. Applet gets some information from smart-card and sends the information to IDP. If we apply to this basic flow in openidconnect, use-case is like below:
1. End user opens RP's web site.
2. End user clicks "Login with Smart-Card" button.
3. RP redirects the user to the OP's authentication page.
4. Authentication page loads applet.
5. End user enter a PIN.
6. Applet does sth with smart-card and read some information from smart-card.
7. Applet send this information to the OP server.
8. OP read request attributes and perform authentication.
9. OP redirect the end user to the RP's page.
10. RP verify id token and login the end user.
So, for the item 3, how can i tell gluu that "you must use this web page with applet as authentication page"?
For item 8, i think i can handle it by writing a custom authentication script, can't i? Or do we have to update the source code of Gluu to include an authentication web page with applet jar and compile and re-deploy the Gluu?