jveverka / iam-service Goto Github PK
View Code? Open in Web Editor NEWSimple OAuth2/OpenID-connect authentication and authorization server.
License: Other
Simple OAuth2/OpenID-connect authentication and authorization server.
License: Other
required by resource server:
https://docs.spring.io/spring-security/site/docs/5.3.1.BUILD-SNAPSHOT/reference/html5/#oauth2resourceserver
implementation is described here:
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
https://tools.ietf.org/html/rfc8414#section-3
end-user is able to sign up and register without administrator
such user will be granted default role/permission set
as specified in OIDC core 1.0
https://openid.net/specs/openid-connect-core-1_0.html#UserInfoRequest
some data are not aligned with implementation
http://localhost:8080/services/authentication/iam-admins/iam-admins/.well-known/openid-configuration
Model, Organization, Project, Client, User
https://tools.ietf.org/html/rfc6749#section-3.3
https://tools.ietf.org/html/rfc6749#section-4.3
if scope is empty, use full scope
implement jwks_uri endpoint as specified here
https://openid.net/specs/openid-connect-discovery-1_0.html
add uri to OpenID Provider Configuration Response
create integration test package that can be used to verify any instance of iam-service
Project object will have Map<String, String> properties.
iam-spring-httpclient is obsolete and it replaced by much better iam-service-client
As specified here:
https://tools.ietf.org/html/rfc7519#section-4.1.3
"aud" : [ "api1", "api2", ... ]
Project should contain set of audiences to be used for granting access.
secure introspection endpoint as described here
https://tools.ietf.org/html/rfc7662#section-2.1
To prevent token scanning attacks, the endpoint MUST also require
some form of authorization to access this endpoint, such as client
authentication as described in OAuth 2.0 [RFC6749] or a separate
OAuth 2.0 access token such as the bearer token described in OAuth
2.0 Bearer Token Usage [RFC6750]. The methods of managing and
validating these authentication credentials are out of scope of this
specification.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.