I did quite a bit of work with the authlib library on Bodhi to port it to OIDC, and it already has some support for Flask. I may be able to help with this initiative or with prototyping/scoping.

A fork of the upstream project has been created with a proof of concept that could be developed further to meet this original request, see:

https://src.fedoraproject.org/rpms/python-flask-oidc/pull-request/2
https://github.com/puiterwijk/flask-oidc/pull/144

However this would mean the CPE team accept maintenance and ownership of this version and be responsible for its upkeep.
The team are currently discussing this as an option and weighing it against another option to remove flask-oidc from applications and consume auth-lib as a dependency directly.

As the CPE team are the ones who will ultimately be responsible for this work, whether it is to develop the current branch or do some work to remove flask-oidc, it is appropriate that this is a team discussion first.

The discussion will then be brought to the fedora-infra list for community feedback when we have decided on what we believe is the best course of action in case we are wrong :)

This issue is now moved to the backlog until a decision has been reached and signed off on and requirements are gathered to deliver the project to its end state.

It might be worth considering https://github.com/CZ-NIC/pyoidc .

I've learned about its existence just recently (didn't try it out yet, didn't inspect the architecture of it), but it's developed and maintained by the employees of .cz domain registry with pretty good track record (more about it & some other projects are listed at https://en.wikipedia.org/wiki/CZ.NIC ).

This request has been dropped by CPE as there has been extensive work done by folks on our infra & releng team to rewrite most of the applications CPE maintains to consume AuthLib directly which removes the need to migrate Flask OIDC.