Notes from Ivan:<div dir="auto"><br></div><div dir="auto"><div dir="auto">For idpy-oidc, work is being done around the support for native clients, especially supporting variable ports for redirect URIs.</div><div dir="auto">  </div><div dir="auto">Along with that work, more checks are added around the validity of a redirect URI. The redirect URI should be a URL as it will become part of the Location HTTP header. The standard python libraries (urllib.parse) do not perform any kind of validation and will even accept ports with letters. </div><div dir="auto"><br></div><div dir="auto"> Additionally, we need to properly check for the URI scheme. I&#39;d like us to have a denylist (or an allowlist) for schemes. Schemes like &quot;data://&quot; and &quot;javascript://&quot; should be denied. </div><div dir="auto"><br></div><div dir="auto"> On another front, I have been working to generate test data with the Faker library. It integrates with pytest too. We can use that library to generate randomized data that follow some specific format. Given a seed, we can recreate the same data. A few useful references here: </div><div dir="auto">- <a href="https://faker.readthedocs.io/">https://faker.readthedocs.io/</a> </div><div dir="auto">-<a href="https://faker.readthedocs.io/en/stable/providers.html">https://faker.readthedocs.io/en/stable/providers.html</a> </div><div dir="auto">-<a href="https://faker.readthedocs.io/en/stable/communityproviders.html">https://faker.readthedocs.io/en/stable/communityproviders.html</a> </div><div dir="auto"><br></div><div dir="auto"> Matthew brought up the topic of tidying up the satosa repo. This relates to <a href="https://github.com/IdentityPython/SATOSA/pull/454">https://github.com/IdentityPython/SATOSA/pull/454</a>. We agreed to separate the configuration changes from changes after applying the settings (big changes on the source code etc). We should agree when to apply the changes; certainly after the new release that is to come.</div><br></div><div dir="auto"><br></div><div dir="auto"><br></div>