At present, retrieving userinfo seems to require creating a Client, which in turn requires a username and password. In some cases however - for example, when using the pam_oidc module - we don't have these credentials. But we do have a valid token string.
According to the OIDC specification, it should be possible to retrieve the userinfo using just the token. But I can't find any way of doing this in the current implementation, unless I'm missing something obvious (I'm pretty new to both Go and OIDC).
If there's no way of doing this currently, would you be interested in a PR to implement this? Or is there a reason it's been left out?
At present, retrieving userinfo seems to require creating a
Client, which in turn requires a username and password. In some cases however - for example, when using thepam_oidcmodule - we don't have these credentials. But we do have a valid token string.According to the OIDC specification, it should be possible to retrieve the userinfo using just the token. But I can't find any way of doing this in the current implementation, unless I'm missing something obvious (I'm pretty new to both Go and OIDC).
If there's no way of doing this currently, would you be interested in a PR to implement this? Or is there a reason it's been left out?