Provider Method for Creating Authenticated Session #1369
ryan01010111
started this conversation in
Ideas
Replies: 1 comment
-
I'm in the same situation where the user is authenticated outside of oidc-provider and I just need the user to grant consent, effectively skipping the login part of the interaction flow.
-
First, a sincere "thank you" for your contribution to FOSS, and continued commitment!
As the title states, I'd like to propose exposing — as part of the public API — a method for creating/establishing an authenticated session outside of the "interaction" flow. Here is my use case: We have an IdP / auth service built on top of oidc-provider. In this service, we've implemented support for SSO login (over SAML) via external IdPs that we integrate with. Now, we would like to support IdP-(Third-Party)-Initiated Login, where the initiator is the external (user's) IdP, which involves a SAML assertion being received by our IdP, at which point the user is effectively authenticated (given a valid assertion) on our side — and this is where we intend to create/establish an authenticated session. This allows continuation via a standard flow such as directing the user agent to a particular client's (app's) initiate_login_uri, etc., with the eventual return to our IdP carrying an authenticated session, so as to not require interaction/re-authentication.
With this in mind, I believe that the Provider.setProviderSession() method, which was removed some time ago here, is worth bringing up, as it seems it might have served this purpose. However, I wasn't able to find any discussion or comments on why it was removed.