Flask-oidc is a library used across the Fedora infrastructure. For its authentication it the oauth2client library is used. This is now deprecated and no longer maintained. This will need to be replaced.
Flask-oidc code: https://github.com/puiterwijk/flask-oidc
Bodhi implementation: https://github.com/fedora-infra/bodhi/tree/develop/bodhi-server/bodhi/server/auth
Authlib docs: https://docs.authlib.org/en/latest/basic/index.html
Here is the list of ideas/things we discussed/looked at:
Authlib is the new industry standard and looks to be a suitable replacement for oauth2client. The flask-oidc code would need to be rewritten to replace all the oauth2client code.
The flow of the code would need to be adjusted to work with the new library. Google-auth and authlib were looked at for this investigation and it was suggested that authlib looks a better replacemnt.
Find all instances of ouath2client code in the current flask-oidc code
Map the functionality of this code and what will be needed from the new library
Write the flow to replicate this functionality using the new library
Cut a new release using the updated code
(Optional) Update all appps in the Fedora infra which require this module